arizona: one approach to doing a thira
DESCRIPTION
Session 5-5 Program Management and Sustainment. Arizona: One Approach to doing a THIRA. Presented by: Lisa Hansen, Assistant Director, Planning and Preparedness, Arizona Department of Homeland Security Steve Davis, Project Consultant, All Hands Consulting. Introductions. - PowerPoint PPT PresentationTRANSCRIPT
Arizona: One Approach to doing a THIRA
Presented by:
Lisa Hansen, Assistant Director, Planning and Preparedness, Arizona Department of Homeland Security
Steve Davis, Project Consultant, All Hands Consulting
Session 5-5Program Management and
Sustainment
1
INTRODUCTIONS
Lisa Hansen - Assistant Director, Planning and PreparednessArizona Department of Homeland Security
Steve Davis – Project Manager,Phoenix Strategic Planning ProjectAll Hands Consulting
2
PREPAREDNESS
Preparedness is based on strengthening our collective security and resilience through systematic preparation for the threats that pose the greatest risk.
Adapted from the Strategic National Risk Assessment - 2011
3
ARIZONA’S PREVIOUS EFFORTS
The Arizona Department of Homeland Security (AZDOHS) conducted a Target Capabilities Assessment.
Arizona Division of Emergency Management (ADEM) conducted a Hazard Identification and Risk Assessment (HIRA)
AZDOHS completed the 2011 State Preparedness Plan (SPR)
4
AZ TARGET CAPABILITIES ASSESSMENT
5
STATE OF ARIZONA HIRA
6
Hazard Identification and Risk Assessment(Does not include Adversarial Threats)
ARIZONA SPR
7
Not assessed
(5) 100% Capable
(4)
(3)
(2)
(1) No Capability 0%
Phoenix UASI Capability Scores
Plan
ning
Org
aniz
ation
Equi
pmen
t
Trai
ning
Exer
cise
s
Planning 4 4 5 4 5Public Information and Warning 5 5 4 4 5Operational Coordination 4 5 4 4 5Forensics and AttributionIntelligence and Information Sharing (Prevention Focus) 4 4 4 4 4Interdiction and Disruption (Prevention Focus) 5 5 4 4 4Screening, Search, and Detection (Prevention Focus) 4 4 4 4 5Access Control and Identity VerificationCybersecurityIntelligence and Information Sharing (Protection Focus) 4 5 4 4 5Interdiction and Disruption (Protection Focus) 5 5 4 4 4Physical Protective Measures 4 4 4 3 2Risk Management for Protection Programs and Activities 4 4 4 4 5Screening, Search, and Detection (Protection Focus) 4 4 4 4 5Supply Chain Integrity and SecurityCommunity Resilience 4 4 3 3 5Long-term Vulnerability ReductionRisk and Disaster Resilience AssessmentThreats and Hazard IdentificationCritical Transportation 4 4 4 4 6Environmental Response/Health and Safety 4 3 3 4 2Fatality Management Services 5 5 3 4 5Infrastructure Systems (Response Focus) 5 4 4 4 5Mass Care Services 5 5 4 4 5Mass Search and Rescue Operations 5 5 5 4 5On-scene Security and Protection 5 5 4 4 5Operational Communications 4 4 4 4 5Public and Private Services and Resources 3 3Public Health and Medical Services 4 4 4 4 5Situational AssessmentEconomic Recovery 3 3Health and Social ServicesHousingInfrastructure Systems (Recovery Focus) 3 3Natural and Cultural Resources
Arizona SPR Capability Scores
STATE STRATEGY
State Strategy Goals: Enhance Arizona’s Common
Capabilities (Plans, Comms, etc.)
Prevent Terrorist Attacks Enhance Border Security Protect Critical Infrastructure & Key Resources Respond to Incidents Recover from Incidents
8
PHOENIX UASI STRATEGY PROJECT Phoenix needed to update their Urban
Area Homeland Security Strategy Phoenix asked to include a THIRA as
part of the process THIRA guidance was not yet issued. So, working with the State, we decided
to validate the 2011 SPR as a means of doing the THIRA.
9
November
December
October
September
August
July January
February
MarchApril
May
June
Final UASI Investment
Justifications
THIRA
DHS Guidance
FundingAllocation
PrioritizeCore
Capabilities
Prioritized Core
Capability Targets
DevelopInvestment
Justifications
Inner Ring – Time
Middle Ring – Process
Outer Ring – Product
DevelopInitial Budget
UASI Initial
Budget to SAA
UASI Homeland SecurityGrant Lifecycle
Draft UASI Investment
Justifications
Guidance Summary &
Budget Guide
Review DHS GuidanceTraining & Exercise
Plan WorkshopDraft
Regional T&E Plan
Final Regional
Training & Exercise
Plan
Planning Begins for New Grant Cycle
UASI Strategy Assessment/
Review
Revised Homeland Security Strategy
Capabilities Assessment
Capability Assessment
Improvement Plan
ImprovementPlan Conference
New Budget
Conduct THIRA
10
PHOENIX STRATEGY
Phoenix Strategy: Focused on Rapid Response Teams Goals had been largely achieved Needed to be updated Phoenix wanted a fresh start and
asked that the new Strategy be based on an assessment of threats and capabilities.
11
PROJECT APPROACH
Research Stakeholders THIRA
Threat Assessment Capabilities Assessment (Estimation) Gap Analysis
Update Strategy
12
THIRA GUIDE – IT’S SIMPLE
1. Assesses your threats and hazards 2. Assesses the vulnerability to those hazards 3. Estimate the consequences of those threats
and hazards impacting the community 4. Establish capability targets5. Estimate current capability vs. target6. Captures the results of the THIRA and use it
to update your Strategy
13
OUR THIRA PROCESS
Objective: Conduct a State Preparedness Report (SPR) Validation Exercise to:
Conduct a Threat and Hazard Identificationand Risk Assessment
Conduct a Capabilities Estimation Perform a Gap Analysis Prioritize Select Capabilities to Sustain and
Enhance Build and Resource Implementation Steps -
Allocate Resources Based on Results
14
THIS IS NOTHING NEW
We all have been doing threat assessments, capability assessments, analyzing gaps, and updating Strategies for almost 10 years now.
Now we do THIRA, capability estimation, and gap analysis to update the Strategy.
This is part of the Should be part of the grant lifecycle.
The difference is: What are they going to do with the THIRA data?
15
THE 800 POUND GORILLA
16
WHY THE CONCERN ABOUT THIRA? What are they going to do with the
THIRA data? Will it impact funding allocation? Inquiring minds want
to know!
17
HOW WILL THIRA IMPACT US?
“There are no details yet as to whether states would be required to provide local governments with any role in the THIRA examination. FEMA would then choose which projects to fund from each state’s THIRA based on national priorities."
National League of Cities
18
NATIONAL PREPAREDNESS SYSTEM
19
NATIONAL PREPAREDNESS SYSTEM
Identify and assess risk (THIRA) Estimate capabilities needed to
address risks Build or sustain required levels of
capability Develop and implement plans to
deliver those capabilities Validate and monitor progress Review continuous improvement
efforts20
THE STATE PREPAREDNESS REPORT TOOL TRACKS CLOSELY TO THE THIRA PROCESS:
Identify the Threats and Hazards of Concern. (Select a target for each threat/hazard selected)
Give Threats and Hazards Context. (Determine which threat/hazard will require the maximum capacity.)
Examine the Capabilities using the Threats and Hazards. (Assess capabilities based on threat.)
Set Capability Targets. (What level do you need to achieve based on the threats)
Apply the Results. (Use the results to drive Strategy.)
21
VALIDATING THE SPR
22
Highest Risk Hazard/Threats (Rated 5) • Flood• Drought• Nuclear Accident• Dam Failure• Armed Assault
VALIDATING THE SPR
23
• Each threat/hazard is used to put the capabilities into context. • For each threat/hazard, we need to
explain the different conditions under which a threat or hazard might occur.• The Crosswalk Worksheet lists core
capabilities vertically and threats/hazards are listed horizontally.
STEP 1: SELECT A TARGET FOR EACHAPPLICABLE THREAT/HAZARD
Choose the most appropriate incident descriptions for each threat/hazard.
These escalate in severity - minor to very severe.
Select the highest severity incident that you aim to manage using local capabilities only.
This is your target operational level, not your current capability.
Outside mutual aid should not be considered.
24
TRANSPORTATION
What is a “Transportation System Failure” and should it be considered a hazard?
1. Failure in single-use transportation system; Impact limited to immediate geographical area
2. Failure in single-use transportation system; Highly localized effects on other transportation systems or other services
3. Failure in multi-use transportation system; Localized effects, potentially impacting other services
4. Failure in multi-use transportation system; Multi-state/regional effects impacting other services and sectors
5. Failure in multi-use transportation system; National effects impacting other services
25
STEP 1: SELECT A TARGET FOR EACHAPPLICABLE THREAT/HAZARD
We worked in the SPR spreadsheet tool to validate the entries in the SPR.
Your jurisdiction is not concerned with this hazard
Possible minor property damage; Minor public inconvenience; No associated evacuations
Minimal property damage; Some public threat and/or inconvenience; No associated evacuations
Minor inundation of structures and roads, especially near streams or rivers; Minor property damage; Some evacuations necessary of people and/or transfer of property to higher elevations
Significant inundation of structures and roads near streams or rivers, causing moderate to severe infrastructural damage; Significant property damage; Mandatory evacuation of people and transfer of moveable property to higher elevations
Extensive inundation of structures and roads, with widespread infrastructural destruction; Roadways become streams, and bridges collapse; Swift currents of flowing floodwater; Extensive property damage, with homes completely destroyed or under water; Mandatory mass evacuations of people and transfer of moveable property to higher elevations
Flood
Instructions
26
STEP 2: PROVIDE ONE THREAT/HAZARD CONTEXT FOR EACH CAPABILITY
"Which threat or hazard will require the maximum capacity?"
Stea
dy-s
tate
leve
l of e
ffor
tN
ot d
epen
dent
on
haza
rd se
verit
y
Eart
hqua
ke
Floo
d
Wild
fire
Hum
an P
ande
mic
Anim
al D
iseas
e
Drou
ght
Heat
Seve
re T
hund
erst
orm
Win
ter S
now
/Ice
Sto
rm
Chem
ical
Sub
stan
ce R
elea
se
Civi
l Unr
est
Nuc
lear
Acc
iden
t
Dam
Fai
lure
RDD/
Nuc
lear
Att
ack
Biol
ogic
al A
ttac
k (n
on-f
ood)
Biol
ogic
al/C
hem
ical
Foo
d Co
ntam
inati
on
Chem
ical
Att
ack
(non
-foo
d)
Arm
ed A
ssau
lt
Airc
raft
as a
Wea
pon
Expl
osiv
e De
vice
s
Cybe
r Att
ack
Planning Required
Public Information and Warning Required
Operational Coordination Required
Forensics and Attribution Optional
Intelligence and Information Sharing (Prevention Focus) Required
Interdiction and Disruption (Prevention Focus) Required
Screening, Search, and Detection (Prevention Focus) Required
Access Control and Identity Verification Optional
Cybersecurity Optional
Intelligence and Information Sharing (Protection Focus) Required
Interdiction and Disruption (Protection Focus) Required
Physical Protective Measures Required
Risk Management for Protection Programs and Activities Required
Screening, Search, and Detection (Protection Focus) Required
Supply Chain Integrity and Security Optional
Community Resilience Required
Long-term Vulnerability Reduction Optional
Risk and Disaster Resilience Assessment Optional
Threats and Hazard Identification Optional
Critical Transportation Required
Environmental Response/Health and Safety Required
Fatality Management Services Required
Infrastructure Systems (Response Focus) Required
Mass Care Services Required
Mass Search and Rescue Operations Required
On-scene Security and Protection Required
Operational Communications Required
Public and Private Services and Resources Required
Public Health and Medical Services Required
Situational Assessment Optional
Natural Technological/Accidental Adversarial/Human-CausedStep 2: Provide one threat/hazard context for each capability"Which threat/hazard will require the maximum capacity?"
If appropriate, each core capability is assessed in terms of a particular hazard. In this step, you pick the threat/hazard severity target that would cause your jurisdiction the most stress on that core capability. When a given core capability does not scale with the severity of an incident, but instead represents a steady-state level of effort, that is indicated.
Use the "+" and "-" buttons on the top to provide detail on the hazard target chosen in Step 1.
Use the "+" and "-" buttons on the left to provide the definition of the core capabililty.
Step 2 must be completed before moving to Step 3.
Edit
Edit Go to Step 3>>Instructions
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
Edit
27
VALIDATING THE THIRA
28
• For each capability, select the single threat/hazard that most stresses it.
• Base your selection the threats/hazards that are relevant to your jurisdiction.• Which threat/hazard requires the
maximum capacity for this capability?
STEP 3: CONDUCT AN ASSESSMENT OF EACH CORE CAPABILITY
"How close to the target is the jurisdiction?" Current capability levels are assessed in terms of
how close you are to meeting the target hazard levels specified.
Assessments are made for each of six POETE capability elements.
Consider organic assets only. If mutual aid improves your overall assessment,
you indicate the extent of the improvement separately.
If a capability gap exists, provide a description of the specific nature of the gap.
29
ASSESSING CAPABILITIES
30
• Scores indicate the estimated level of preparedness for each POETE element.• The assessment uses a 1 5 scale, ‐
where level 1 indicates little to‐ ‐no capability and level 5 indicates 100% of the capability desired. • Each POETE capability element is
rated on the 1 5 scale.‐Not assessed
(5) 100% Capable
(4)
(3)
(2)
(1) No Capability 0%
Capablity
Public Information and WarningFocus Area: Prevention, Protection, Mitigation, Response, and Recovery
Capability DescriptionDeliver coordinated, prompt, reliable, and actionable information to the whole community through the use of clear, consistent, accessible, and culturally and linguistically appropriate methods to effectively relay information regarding any threat or hazard, as well as the actions being taken and the assistance being made available, as appropriate.
Relative to this hazard-based capability target and considering only organic assets, this jurisdiction assesses its
capability to be:
Planning
Organization
Equipment
Training
Exercises
Capability Target
Nuclear Accident
Serious Accident - Significant release of radioactive material outside of the facility; Likely to require implementation of planned countermeasures; Near certainty of significant public exposure.
4
1
1
1
1
For this jurisdiction, this capability is:High priority
Medium priority
Low priority
(4) Most (76-99%) of the required organizational structure exists
(4) Recent multi discipline/jurisdictional exercise conducted; plans updated using AAR/IP
(3) Much (51-75%) of the required equipment exists
(3) Many relevant personnel (51-75%) have completed all relevant courses
(4) Plans/annexes are complete and up to date
31
GAP ANALYSIS Each POETE category has a place to
capture a description of gaps, advances and notes. Gap Description
What specific organizational changes would allow your jurisdiction to attain a rating of (5) for this capability?
Recent AdvancesDescribe any recent improvements in organization for this
capability.
Journal NotesThis space is provided exclusively for your use. This content is not
considered as part of your submission. It is intended to provide you with organizational notes that help establish consistency in
approach form year to year. Sample content could include:Rationale for choosing the assessment rating
Subject matter experts consulted and points of contact
Enter text here
Enter text here
Enter text here
32
SPR AS THIRA ISSUES
33
Organic Capability and Mutual Aid. Impact on Investments Understanding Risks Using a State Preparedness for a UASI Capabilities Issues The new NPGP “Vision”
ORGANIC CAPABILITY
New term, needs to be understood. - The term was only used in DoD from what we saw. Organic does not mean having a capability
without chemicals. It means having a standing capability - the
POETE to do the job. We included automatic mutual aid but not
resources that required the state or feds. However the State had plans and resources
that could not be ignored.
34
IMPACT ON INVESTMENTS
The THIRA will be used to support Investment Justifications.
If an Investment Justification is not linked to THIRA results, projects may not be funded.
The Federal Preparedness Coordinator (FPC) in each FEMA Region is to review State and UASI THIRAs.
35
USING THE SPR FOR A UASI
The SPR is done at a State-level, UASIs need to adjust if for their own perspective on threats and capabilities.
Threats/Hazards need to be looked at locally based on what is in other plans and stakeholder experience.
While hazards are addressed in HIRA, threats are not well known in terms of likelihood – it is more about what you want to prepare for.
36
CAPABILITIES ISSUES
Capabilities may be driven by events outside of your region. New Madrid, upheaval in Mexico, or a Northridge scenario may send evacuees to your area for mass care.
Need to think about that and how resources such as ARC may be depleted.
The SPR tool has the same core capability showing up in different mission areas. This was confusing.
Cross cutting capabilities looked at by each mission group but then need to be combined, they have different perspectives on most stressing hazard and gaps.
37
TRANSLATING THIS TO A STRATEGY
We updated the Strategy to: Align with the new Core Capabilities Address the gaps for priority Core
Capabilities Align with the AZDOHS Strategy Base implementation steps on
resourcing the prioritized Core Capabilities.
38
RESOURCING THE STRATEGY
Once gaps have been identified you need to work to close the gaps.
Capabilities (objectives) prioritized based on gaps.
Implementation Steps designed close gaps for priority capabilities.
Implementation Steps need to be funded to close the gaps.
39
40
Phoenix UASI Capability Scores
Plan
ning
Org
aniz
ation
Equi
pmen
t
Trai
ning
Exer
cise
s
Planning 4 4 5 4 5Public Information and Warning 5 5 4 4 5Operational Coordination 4 5 4 4 5Forensics and AttributionIntelligence and Information Sharing (Prevention Focus) 4 4 4 4 4Interdiction and Disruption (Prevention Focus) 5 5 4 4 4Screening, Search, and Detection (Prevention Focus) 4 4 4 4 5Access Control and Identity VerificationCybersecurityIntelligence and Information Sharing (Protection Focus) 4 5 4 4 5Interdiction and Disruption (Protection Focus) 5 5 4 4 4Physical Protective Measures 4 4 4 3 2Risk Management for Protection Programs and Activities 4 4 4 4 5Screening, Search, and Detection (Protection Focus) 4 4 4 4 5Supply Chain Integrity and SecurityCommunity Resilience 4 4 3 3 5Long-term Vulnerability ReductionRisk and Disaster Resilience AssessmentThreats and Hazard IdentificationCritical Transportation 4 4 4 4 6Environmental Response/Health and Safety 4 3 3 4 2Fatality Management Services 5 5 3 4 5Infrastructure Systems (Response Focus) 5 4 4 4 5Mass Care Services 5 5 4 4 5Mass Search and Rescue Operations 5 5 5 4 5On-scene Security and Protection 5 5 4 4 5Operational Communications 4 4 4 4 5Public and Private Services and Resources 3 3Public Health and Medical Services 4 4 4 4 5Situational AssessmentEconomic Recovery 3 3Health and Social ServicesHousingInfrastructure Systems (Recovery Focus) 3 3Natural and Cultural Resources
AZ State 2011 SPR Current Capability Estimations
Plan
ning
Org
aniz
ation
Equi
pmen
tTr
aini
ngEx
erci
ses
Planning 4 3 5 4 3Public Information and Warning 4 5 4 4 5Operational Coordination 3 4 4 4 5Forensics and Attribution 4 3 4 3 2Intelligence and Information Sharing (Prevention Focus) 4 4 4 4 4Interdiction and Disruption (Prevention Focus) 4 5 4 4 3Screening, Search, and Detection (Prevention Focus) 3 3 3 4 3Access Control and Identity Verification 4Cybersecurity 4 5 4 4 5Intelligence and Information Sharing (Protection Focus) 4 5 4 4 5Interdiction and Disruption (Protection Focus) 5 5 4 4 4Physical Protective Measures 4 4 5 3 2Risk Management for Protection Programs and Activities 4 4 5 3 5Screening, Search, and Detection (Protection Focus) 4 4 4 4 5Supply Chain Integrity and Security 3 2 4 3 5Community Resilience 4 3 3 3 4Long-term Vulnerability Reduction 4 3 5 6Risk and Disaster Resilience Assessment 4 3 3 3 3Threats and Hazard Identification 4 3 4 3 6Critical Transportation 5 4 5 3 4Environmental Response/Health and Safety 4 3 3 4 3Fatality Management Services 4 5 3 3 3Infrastructure Systems (Response Focus) 2 3 3 3 2Mass Care Services 6 5 3 5 6Mass Search and Rescue Operations 5 5 4 4 5On-scene Security and Protection 5 5 4 4 5Operational Communications 4 4 4 4 5Public and Private Services and Resources 3 3 3 3 3Public Health and Medical Services 4 4 4 4 5Situational Assessment 4 4 4 4 5Economic Recovery 3 3 3Health and Social Services 3 5 5 3 5Housing 3 3 3Infrastructure Systems (Recovery Focus) 3 4 3 3Natural and Cultural Resources 3 4 4 2
Phx UASI 2012 SPR
GAP ANALYSIS
The Gap Analysis is to be based on the difference between the consequences of the threats and current levels of capabilities A capability of 5 has no gap A capability of 4 has a small gap A capability of 3 a bigger gap, etc…
41
NEW UASI STRATEGY
New goals aligned with the NPG Mission Areas and Core Capabilities. Improve Prevention Capabilities Improve Protection Capabilities Improve Mitigation Capabilities Improve Response Capabilities Improve Recovery Capabilities Improve Programmatic Capabilities
42
