Page 1

1—
Introduction

Crises, whether natural disasters such as hurricanes or earthquakes, or human-made disasters, such as terrorist attacks, are events with dramatic, sometimes catastrophic impact. Natural disasters in the United States and its territories were recently estimated as having taken a toll of roughly 6,000 lives between 1975 and 1994, and catastrophic natural disasters have caused dollar losses of about $500 billion during the past two decades, with frequent periods since 1989 when losses averaged about $1 billion per week.1 A single hurricane, Mitch, killed more than 11,000 people and destroyed a substantial portion of the infrastructure in several Central American countries in November 1998.

Crisis management—an activity encompassing the immediate response to such events, recovery efforts, and mitigation and preparedness efforts to reduce the impact of future crises—presents problems of large scale and high complexity (measurable in numbers of people and amount and diversity of data, databases, and applications), unpredictable nature of the local infrastructure and other capabilities, and urgency. Crisis management is an activity in which government plays a key role and in which a broad range of players at all levels of government are involved.

As part of a broader study exploring how information technology

1Denis S. Mileti. 1999. Disasters by Design: A Reassessment of Natural Hazards in the United States. An activity of the International Decade for Natural Disaster Reduction. Joseph Henry Press, Washington, D.C.



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 1
Page 1 1— Introduction Crises, whether natural disasters such as hurricanes or earthquakes, or human-made disasters, such as terrorist attacks, are events with dramatic, sometimes catastrophic impact. Natural disasters in the United States and its territories were recently estimated as having taken a toll of roughly 6,000 lives between 1975 and 1994, and catastrophic natural disasters have caused dollar losses of about $500 billion during the past two decades, with frequent periods since 1989 when losses averaged about $1 billion per week.1 A single hurricane, Mitch, killed more than 11,000 people and destroyed a substantial portion of the infrastructure in several Central American countries in November 1998. Crisis management—an activity encompassing the immediate response to such events, recovery efforts, and mitigation and preparedness efforts to reduce the impact of future crises—presents problems of large scale and high complexity (measurable in numbers of people and amount and diversity of data, databases, and applications), unpredictable nature of the local infrastructure and other capabilities, and urgency. Crisis management is an activity in which government plays a key role and in which a broad range of players at all levels of government are involved. As part of a broader study exploring how information technology 1Denis S. Mileti. 1999. Disasters by Design: A Reassessment of Natural Hazards in the United States. An activity of the International Decade for Natural Disaster Reduction. Joseph Henry Press, Washington, D.C.

OCR for page 1
Page 2 research can enable improved and new government services, operations, and interactions with citizens, the Computer Science and Telecommunications Board's (CSTB's) Committee on Computing and Communications Research to Enable Better Use of Information Technology in Government organized a workshop focused on crisis management (Appendix A). This workshop, on which this summary is based, explored how information technology (IT) research can contribute to more effective crisis management. What Is Crisis Management? Crises are extreme events that cause significant disruption and put lives and property at risk—situations distinct from ''business as usual." The first panel of the six that made presentations at the workshop described a number of different crisis scenarios, covering a scope and scale ranging from localized effects of flash flooding to the regionwide impact of earthquakes and hurricanes to the impacts in cyberspace posed by Y2K computer bugs.2 These case studies, which included both natural disasters and human-made disasters such as nuclear accidents and the effects of a terrorist bombing, provide a sense of the sorts of challenges faced in the crisis management community, as well as a concrete context for the IT-focused discussions that follow. The reader who is unfamiliar with such disaster scenarios may wish to read the case study overviews in Appendix B, which are based on the experiences of crisis managers who participated in the workshop. As used in this report, the term "crisis management" encompasses activities ranging from the immediate response to mitigation and preparedness efforts that are aimed at reducing the impact of future events and take place over a longer time period.3 The following four, commonly described phases of crisis management are referred to throughout this report: 2The workshop from which this report stems focused largely on civilian crisis management, and most of the examples are related to natural disasters as opposed to such threats as the use of weapons of mass destruction by terrorists. However, the essential nature of crisis response in all these cases is not dissimilar. Many of the requirements established by the urgent, disruptive nature of both and the research opportunities discussed in this report are generally applicable to both. 3Two notes on usage. The term "crisis management" is sometimes used to refer only to the response phase and not to other elements of coping with crises such as mitigation efforts to reduce the impact of disasters in the future. Also, in some contexts a distinction is made between "crisis management" and "consequence management." This distinction has been made in a series of presidential decision directives and in the recently added terrorism (footnote continued on the next page)

OCR for page 1
Page 3 • Crisis response is dedicated to the immediate protection of life and property. It requires urgent action and the coordinated application of resources, facilities, and efforts beyond those regularly available to handle routine problems. The response phase includes action taken before the actual crisis event (e.g., when a hurricane warning is received), in response to the immediate impact of a crisis, and as sustained effort during the course of the emergency. Actions taken during the buildup of a crisis situation are designed to increase an organization's ability to respond effectively and might include briefing government officials, reviewing plans, preparing information for release to the public, updating lists of resources, and testing warning and communications systems.4 Preimpact warning systems may be activated, resources mobilized, emergency operations centers activated, emergency instructions issued to the public, and evacuation begun. The emphasis is on saving lives, controlling the situation, and minimizing the effects of the disaster. Crisis response includes the logistics of getting medical care, food, water, shelter, and rescue teams to the scene. Regional, state, and federal resources may be provided to assist with helping those affected and reducing secondary damage, and response support facilities may be established. Eventually, in the aftermath, crisis response becomes a more routine operation and the challenge shifts from the need to get information quickly and comprehensively—but not necessarily entirely accurately—to an emphasis on process, accuracy, and accountability with systems called on to work more in a production mode. For example, activities following the Exxon Valdez disaster ultimately became what might be termed the world's largest rock-washing operation. • Recovery encompasses both short-term activity intended to return (footnote continued from the previous page) annex to the Federal Response Plan, the document that lays out federal agency responsibilities for responding to a crisis (Federal Emergency Management Agency (FEMA). April 1999. Federal Response Plan. FEMA-9230.1 PL, FEMA, Washington, D.C., available online at <http://www.fema.gov/r-n-r/frp>). There, "crisis management" is used to refer to the predominantly law enforcement responsibilities to "prevent, preempt, and terminate threats or acts of terrorism and apprehend and prosecute the perpetrators" whereas "consequence management" refers to measures to protect health and safety, restore services, and provide emergency relief to those affected. For the purposes of this report, the term "crisis management" is understood to encompass the full range of responses to a crisis, but the report does not specifically address requirements unique to law enforcement activities. 4Some of this discussion is adapted from Office of Emergency Services Planning Section. May 1998. California Emergency Plan. Planning Section, Governor's Office of Emergency Services, State of California. Available online from the State of California Governor's Office of Emergency Services Web site at <http://www.oes.ca.gov>.

OCR for page 1
Page 4 vital life-support systems to operation and longer-term activities designed to return infrastructure systems to predisaster conditions. This process is much slower than response, involves administrative work, and is subject to regulations of many kinds (e.g., building codes). Much of this work takes place in an office and requires an appropriate set of tools and supporting network (voice and data) capabilities. • Mitigation, now recognized as the foundation of successful crisis management,5 is the ongoing effort to reduce the impact of disasters on people and property. Mitigation includes steps such as keeping homes from being constructed in known floodplains, proper engineering of bridges to withstand earthquakes, strengthening crisis service facilities such as fire stations and hospitals, and establishing effective building codes to protect property from hurricanes. Mitigation can be a slow, time-consuming process—organizing a community buyout of homes in a threatened area (e.g., in a floodplain) can take many years, for example, because of the politics and the myriad players. The process is administratively intensive and involves countless situation- and location-specific details—a circumstance in which the use of computer systems clearly applies. Predictive models are also an important tool in mitigation efforts. Elevation data combined with hydrological models, for example, permit prediction of areas likely to be affected by riverbed flood. Ground-shaking-intensity modeling allows prediction of the impacts of earthquakes on sites for storage of hazardous materials. • Preparedness covers a range of activities taken in advance of a crisis. It includes day-to-day training and exercises as part of increased readiness, as well as development and revision of plans to guide crisis response and to increase available resources. Preparedness is enhanced by training crisis responders who may be called into action in the event of an emergency. Information technology contributes to a variety of preparedness efforts. For instance, the software tool HAZUS, a product developed by the National Institute for Building Sciences in cooperation with the Federal Emergency Management Agency (FEMA), simulates a postulated earthquake and provides a map-based analysis of casualties, infrastructure and building damage, and dollar losses expected. Another dimension of preparedness is the development, improvement, and testing of information and communication resources required for all phases of crisis management. Systems for remote sensing (Box 1.1) are identified and developed, and the use of information technology tools is practiced, including how to integrate the multiple information resources that are likely to be needed in a crisis. 5See, e.g., Dennis S. Mileti. 1999. Disasters by Design. Joseph Henry Press, Washington, D.C.

OCR for page 1
Page 5

BOX 1.1 Remote Sensing Remote sensing plays an important role in many phases of crisis management, and a number of remote sensing tools are often used to capture spatial information. For example, the Federal Emergency Management Agency (FEMA) makes use of Department of Defense satellites and assigns them, usually just before or after a major emergency, to fly over the affected area and photograph it, a practice that Clay Hollister observed is very useful and can be done reliably and quickly. FEMA receives the sensor information within 24 hours of the flyover, and it is immediately distributed to the federal coordinating officer's team in the field for use in crisis response planning. FEMA does not receive the actual photographs but rather uses and extrapolates the raw data to make maps showing degrees and pockets of damage where, for example, a storm hit One application of remote sensing that FEMA is working to develop, in conjunction with states, is the mapping of flood potential using synthetic aperture radar and light detection and ranging techniques. Flood maps developed from these sources are expected to be much more accurate and useful fer response in the field, as well as for the other phases of emergency management. The Response Phase: Difficult Challenges for Information Technology Crisis response is characterized by the generation and distribution of large amounts of unstructured, multimedia data that must be acquired, processed, integrated, and disseminated in real time. As such, this phase poses many of the most difficult information technology challenges in crisis management and is the context for much of the discussion in this report. The incident command system, a model commonly used to describe the functions required for command, control, and coordination of the response to a crisis, illustrates the range of activities undertaken as part of crisis response.6 The incident commander provides overall command and control for the response effort. Additional command functions, typically carried out by command staff, include disseminating information to media, coordinating with other agencies participating in the response, and ensuring the safety of crisis responders. The incident commander is supported by general staff sections that provide the following functions:7 6See, e.g., Emergency Management Institute. 1998. Incident Command System. Independent Study Course IS-195. Emergency Management Institute, Federal Emergency Management Agency, Emmitsburg, Md. 7Exercise of military command requires a similar set of functions, and an analogous standard framework is used. A task force will typically have divisions responsible for person- (footnote continued on the next page)

OCR for page 1
Page 6 • Planning and intelligence—collection, evaluation, processing, and dissemination of information on situation and resources; documentation of the incident and the response to it; • Operations—direction and coordination of response operations; • Logistics—management of facilities, services, and material needed to support responders; and • Finance and administration—tracking of incident costs and reimbursement accounting. Information Technology Users in Crises Crises touch many people, ranging from the crisis responders who try to reduce the loss of life and property to those in the affected communities who rely on warnings and other information to inform their own, individual responses. Because of the central role of information and communications for each group, information technology research challenges arise when considering how to improve crisis management from the perspective of each group of users. Citizens Information technology aimed at citizens is becoming an increasingly important tool for crisis management. Expanding access to tools such as the Internet and cell phones provides new possibilities for informing and interacting with citizens affected directly by a crisis, as well as for supporting crisis responders. At the same time, however, citizens have become much more dependent on complex infrastructure services (e.g., cash machines and other electronic commerce) whose advent has also increased expectations for speed and ease of access to relief funds. Tele-registration is an example of a technology aimed at improving the services provided to citizens following a disaster (Box 1.2). Crisis Responders Crisis response requires effective delivery to and use of information by many different actors. These crisis responders might be in an incident command post, orchestrating efforts to respond to a disaster, or located in (footnote continued from the previous page) nel; intelligence; operations; logistics; plans and policy; and command, control, communications, and computer systems. See, e.g., Joint Chiefs of Staff (JCS). 1995. Unified Action Armed Forces (Joint Pub 0–2). JCS, Department of Defense, Washington, D.C., p. IV–13. Available online at <
http://www.dtic.mil/doctrine/jel/new_pubs/jp0_2.pdf>.

OCR for page 1
Page 7

BOX 1.2 Tele-registration for Disaster Assistance One component of FEMA's National Emergency Management Information System (NEMIS; see Sox 1.3) is tele-registration in the aftermath of a disaster. Clay Hollister observed In his remarks at the workshop that the federal disaster program used to operate almost entirely with pencils and paper. In the past, FEMA personnel met eye-to-eye with disaster victims, at a table or in a tent, sometimes in pouring rain or snow, even if it meant that victims had to wait in line for as long as 24 hours. Registration had always been done that way—it was preferred because it provided a personal approach. When it was first suggested that victims could call toll-free telephone numbers instead of waiting in line to register, the idea was widely rejected. Still, there were some who saw this as a promising approach. For a time, FEMA was conducting both paper and telephone registrations. Following the Northridge, California, earthquake, however, disaster personnel recognized that they could not use in-person registration to process the claims of the hundreds of thousands of people affected by the disaster. Since that event, tele-registration has become the norm. Its obvious advantages are convenience for victims of natural disasters, improved information management for FEMA, and better use of human resources—the people handling the tele-registration—who can be located outside the affected area. the field, requiring situational information about the disaster itself as well as about their own location and that of other field responders. Common to all crisis responders is the dynamic, stressful nature of the situation and the potential for information overload. Many will have to integrate information from a wide range of sources and be able to coordinate activities among a potentially large, diverse set of individuals and organizations. Government and Other Crisis Management Organizations Government at all levels may be involved in responding to a crisis, with counties, cities, and towns providing the primary response to most emergencies. Thus a major objective is providing these jurisdictions with the resources to meet their disaster needs and maintain continuity of government. During the threat of, or in the midst of actual disaster conditions, local authorities must put emergency response plans into immediate operation and take actions required to cope with disaster situations. Special districts (e.g., for fire protection) also play an important role in emergency preparedness and response. State emergency management offices provide planning, coordinating response and recovery, mitigation, and training. They are responsible for coordinating the provision of mutual aid and the allocation of essential supplies and resources; receiving and disseminating emergency alerts

OCR for page 1
Page 8 and warnings; monitoring and prioritizing resource requests in coordination with federal disaster operations; and, in conjunction with the federal government, directing and coordinating recovery programs to mitigate future disasters and to recover disaster costs. Other state agencies also play a role in crisis management, cooperating as appropriate with state emergency management officials, each other, and other political subdivisions to prepare for, respond to, and mitigate the effects of an emergency. At the federal level, overall responsibility for most emergency preparedness and operational activities is assigned to FEMA.8 To manage its activities, FEMA has recently put a new information technology tool, the National Emergency Management Information System (NEMIS), into production (Box 1.3). Assignments for other federal agencies, based on their regular functions and capabilities in areas ranging from transportation to health and medical service, are detailed in the Federal Response Plan.9 Federal emergency management activities include administering of natural disaster relief programs and responding to technological and other emergencies requiring federal assistance. Initial requests for federal assistance are normally coordinated with FEMA by state officials unless other, more specific procedures are agreed on and contained in mutually approved contingency plans. Nongovernmental organizations also play a significant role in crisis response. The American Red Cross, also a signatory to the Federal Response Plan, provides disaster relief to individuals and families, as well as emergency mass care in coordination with government and private agencies. Other volunteer agencies, such as the Salvation Army, provide important services and resources. Following a disaster, these organizations continue to provide services for their constituents, as well as for the governmental agencies that have need of their unique services. Frequently, these organizations are preidentified through statewide information and referral networks and are trained to maximize their efficiency and ability to be integrated into response-and-relief efforts. 8A newly issued annex to the Federal Response Plan (Federal Emergency Management Agency (FEMA). April 1999. Federal Response Plan. FEMA-9230.1 PL, FEMA, Washington, D.C., available online at <
http://www.fema.gov/r-n-r/frp>) on terrorism gives responsibility for crisis management, which has a significant law enforcement component for this sort of crisis, to the Department of Justice and responsibility for consequence management, that is, coping with the effects of attacks, to FEMA. 9The Federal Response Plan (Federal Emergency Management Agency (FEMA). April 1999. Federal Response Plan. FEMA-9230.1 PL, FEMA, Washington, D.C., available online at <http://www.fema.gov/r-n-r/frp>) is the master document describing the federal government's plans for providing assistance to states in dealing with significant disasters, including planning assumptions, policies, and specific assignments of responsibility to federal departments and agencies in providing assistance.

OCR for page 1
Page 9

BOX 1.3 FEMA's National Emergency Management Information System The National Emergency Management Information System (NEMIS) is a $70 million, 5-year hardware and software automation project initiated in May 1996. This enterprisewide system allows FEMA to better manage the agency's disaster relief program, including recording preliminary assessments of damage, performing incident monitoring, preparing the package requesting a presidential declaration of disaster, tele-registering disaster victims (Box 1.2), collecting and managing data from home inspections, issuing relief checks, and training. Other functions of NEMIS include coordinating and managing the distribution of donated goods and services; logging requests for information from the public; providing support for disaster field offices, including requisitioning supplies, equipment, and services and requesting, allocating, and obligating disaster funding; processing assistance and supporting a FEMA customer helpline; managing requests for and disbursement of assistance for public infrastructure damage; and managing hazard mitigation grants. In addition NEMIS provides a set of common functions, known as NEMIS-Wide, that includes a reference library, correspondence tracker, database for managing the deployment of response workers, and geographical information system tool. Through the FEMA network, NEMIS provides service to the agency's headquarters, national processing service centers, 10 regional facilities, standby warehouses, and disaster field offices. NEMIS is also designed to improve access to state emergency managers. For example, state emergency management offices can dial into NEMIS to check on the status of grants or applicants. As of December 1998, FEMA had used this system to respond to three disasters, and the system was put into production in early 1999. FEMA chief information officer Clay Hollister characterized the system as having a significant effect on the FEMA culture because it automates a great deal of decision making. For example, now that the new system is in place, an applicant for relief funds can call a toll-free telephone number, and an inspector is automatically dispatched to the house to verify that the applicant in fact lives there and to assess the damage. The inspector enters information on the damage into a hand-held computer and downloads the results of the inspection into the NEMIS system. When the application is determined to be valid, a check is issued. _________ SOURCE: Adapted In part from Federal Emergency Management Agency (FEMA). 1999. NEMIS Overview. FEMA, Washington, D.C. Available online at <http://www.nemishome.fema.gov/overview/ov_homepage2.htm>. Business Businesses also play an important role in crisis response, due to both self-interest and the significant resources they can bring to bear. Business and industry leaders recognize that mitigation and preparedness measures can make a difference in terms of a company surviving a disaster, a significant positive outcome for a community that depends on its ser-

OCR for page 1
Page 10 vices. For example, because of the critical role of infrastructures such as gas, electric, telecommunications (including wireless), water, waste-water, and petroleum pipeline industries, the participation and effective coordination of emergency responses with utilities is critical. Emergency planning assists not only businesses but also the community at large by clearly articulating decision-making authority and identifying successors; identifying actions necessary to protect company property and records during disasters; and providing such things as a listing of critical products and services, contacts with local emergency management officials, and methods to provide and accept goods and services from other companies during a crisis situation. (These issues are discussed in the context of electronic commerce in Chapter 3.) Information Technology Challenges and Opportunities in Crisis Management Previous Study All phases of crisis management—response, recovery, mitigation, planning, and preparedness—are information- and communication-intensive efforts that impose demanding requirements on underlying information technologies. Indeed, based on an earlier series of workshops involving computing and communications researchers and crisis management professionals, a previous CSTB committee concluded that preparing for and responding to crises pose demands that cannot be readily satisfied with existing information technology tools, products, and services. Their report, Computing and Communications in the Extreme (National Academy Press, Washington, D.C., 1996), identified opportunities for incremental and more radical innovation in several areas, such as communications (requirements for communications networks extending from hand-held radios and the public telephone network to high-speed digital networks for voice, video, and data); information processing and management technologies (support for resource discovery, dealing with uncertainty, modeling and simulation, and multimedia fusion and integration of information); and technologies to support the instant bureaucracies that form and must collaborate in managing a given crisis (including support in stressful contexts and to meet needs for ease of use, ease of learning, adaptability, and judgment in decision making) (see Appendix C).

OCR for page 1
Page 11 This Workshop Report This workshop report builds on that earlier experience and can be distinguished from it in several ways. Since the mid-1990s, some aspects of the information technology base available for crisis management have changed. The leading example is the Internet, which in the past several years has become a pervasive element of the communications infrastructure that is being used in all aspects of crisis management, providing at least part of the means for information exchange between organizations and for individualized interactions with citizens, just as it does throughout government and society at large. More generally, citizens and crisis responders alike with access to computers and the Internet are more likely to make regular use of networked information resources. Another change, spurred by the rapid emergence of the Internet, has been the rapid growth of electronic commerce, which presents both new challenges and new opportunities for crisis management. Moreover, the context of this inquiry differs from that for the earlier effort. This workshop report summarizes the first phase of a study that is examining the application of information technology research across government. An effort thus has been made to explore a range of crisis management activities, including some that have analogues elsewhere in government, such as how government and individual citizens, or government and business, interact. Also, the overall study of which this workshop report is a part more strongly emphasizes the process by which the IT research community can collaborate with the crisis management community and by which IT innovation can be translated into improvements in the technologies and systems used in government. Experience has shown that research and application communities both potentially benefit from interaction. The introduction of new IT frequently enables organizations not only to optimize the delivery of existing capabilities but also to deliver entirely new capabilities. That is, advances in information technology research represent opportunities not only for increased efficiency but also for a change in the way government works, including the delivery of new kinds of services and new ways of interacting with citizens. Collaboration with government agencies also represents a significant opportunity for IT researchers. Government in general, and crisis management in particular, provides a set of real, frequently large-scale application domains in which to test new ideas—applications that have texture, richness, and veracity that are not available in laboratory studies.

OCR for page 1
Page 12 A first step in such interactions is the discussion of needs and the identification of opportunities. Chapter 3 of this workshop report explores a number of research topics that emerged during the discussions summarized here—opportunities that were identified as addressing the demanding requirements of crisis management and presenting interesting research problems in their own right. In addition to yielding these specific opportunities, the discussions resulted in another outcome: an increased recognition of the potential of such interaction. Indeed, both crisis management professionals and IT researchers who had expressed some initial skepticism about the benefits of such research indicated after the workshop that the discussions had increased their awareness of the interesting challenges and possible opportunities offered by the conduct of IT research for crisis management. The development of a comprehensive set of specific requirements or a full, prioritized research agenda is, of course, beyond the scope of a single workshop, and this report does not presume to do either. Nor is it an effort aimed at identifying immediate solutions (or ways of funding and deploying them). Rather, it examines opportunities for engaging the information technology research and crisis management communities in longer-term research activities of mutual interest and illustrates substantive and process issues relating to collaboration between them.