Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
0
1 2
3
National Emergency
Communications Plan
2019
1
Table of Contents 4
Executive Summary ................................................................................. 1 5
Introduction .............................................................................................. 4 6
Emergency Communications Ecosystem ................................................. 8 7
NECP Strategic Goals ............................................................................ 11 8
Goal 1: Governance and Leadership ........................................................................ 13 9
Goal 2: Planning and Procedures ............................................................................ 19 10
Goal 3: Training, Exercises, and Evaluation ............................................................ 23 11
Goal 4: Communications Coordination ................................................................... 28 12
Goal 5: Technology and Infrastructure .................................................................... 33 13
Goal 6: Cybersecurity ............................................................................................. 37 14
Implementing the NECP ........................................................................ 40 15
Conclusion ............................................................................................. 42 16
Annex I: Success Indicator Descriptions .............................................. 43 17
Appendix 1. Requirements Matrix ........................................................ 63 18
Appendix 2. Key Authorities ................................................................ 64 19
Appendix 3. Roles and Responsibilities ................................................ 66 20
Appendix 4. SAFECOM Interoperability Continuum .......................... 73 21
Appendix 5. Source Documents ............................................................ 74 22
Appendix 6. Glossary ............................................................................ 75 23
Appendix 7. Acronyms ......................................................................... 84 24
25
1
Executive Summary 26
In 2008, the Department of Homeland Security (DHS) published the first National 27
Emergency Communications Plan (NECP) to accelerate improvements for public 28
safety communications nationwide. Title XVIII of the Homeland Security Act of 29
2002, as amended, directs the DHS Office of Emergency Communications (OEC) 30
to develop and periodically update the NECP in coordination with local, state, 31
territorial, tribal, federal, and private sector stakeholders. The law also directs the 32
NECP to set benchmarks for enhancing emergency communications capabilities 33
and for OEC to measure progress toward achieving those milestones. 34
To prepare stakeholders for rapid technological change and its associated risks, OEC led a national effort to 35
update the NECP in 2014 and 2019. The NECP addresses the integration of technologies (e.g., land mobile 36
radio; Next Generation 911; high-speed broadband; alerts, warnings, and notifications systems) and standard 37
processes to support the interoperability of systems and services for voice, video, and information exchange 38
among the responder and partner communities. Communities are preparing for the First Responder Network 39
Authority’s nationwide broadband communications platform to supplement existing systems and provide 40
public safety users with dedicated spectrum, added broadband capabilities, and advanced technologies. 41
However, network integration presents cybersecurity risks as a result of interconnected, Internet-based 42
technologies. The NECP examines current challenges and opportunities for improving emergency 43
communications capabilities in new goals for technology, infrastructure, and cybersecurity. 44
OEC collaborated with public safety community 45
members nationwide to develop the third iteration of 46
the NECP. It provides guidance to those that plan for, 47
coordinate, invest in, and use communications to 48
support response and recovery operations. This 49
includes traditional emergency responder disciplines 50
(e.g., law enforcement, fire, emergency medical 51
services, dispatch) and other entities that share 52
information during emergencies, such as medical 53
facilities, utilities, nongovernmental organizations, as 54
well as the media and private citizens. 55
Given the diverse entities directly involved, 56
supporting, or impacted by emergencies, the 57
Emergency Communications Ecosystem concept 58
expands to include the various functions and people 59
that exchange information prior to, during, and after 60
incidents. Individuals with roles in emergency 61
communications are not limited to government 62
agencies, traditional emergency responder disciplines, 63
or jurisdictional boundaries. The Ecosystem is 64
dynamic, depending on the incident or planned event. 65
It is multi-directional—anyone can initiate emergency 66
communications. 67
2
Over the next five years, OEC will focus on implementing the goals and objectives articulated in the NECP. 68
These critical components for advancing emergency communications fall under three national priorities: 69
Enhance effective governance across partners with a stake in emergency communications, embracing a 70
shared responsibility of the whole community; 71
Address interoperability challenges posed by rapid technology advancements and increased data sharing, 72
ensuring critical information gets to the right people at the right time; and 73
Build resilient and secure emergency communications systems to reduce cybersecurity threats and 74
vulnerabilities. 75
To achieve these priorities, OEC centered the NECP around six goals that build on foundational concepts in 76
the 2008 and 2014 plans, align to the SAFECOM Interoperability Continuum, and consider new risks and 77
threats that need to be addressed today. The NECP goals are strategic in nature and aim to enhance emergency 78
communications capabilities at all levels of government and in coordination with the private sector, 79
nongovernmental organizations, and other key partners across the community. The six NECP goals are: 80
Goal 1 - Governance and Leadership: Develop and maintain effective emergency communications 81
governance and leadership across the Ecosystem 82
Goal 2 - Planning and Procedures: Develop and update comprehensive emergency communications 83
plans and procedures that address the evolution of risks, capabilities, and technologies across the 84
Ecosystem 85
Goal 3 – Training, Exercises, and Evaluation: Develop and deliver training, exercise, and evaluation 86
programs that target gaps in all available emergency communications technologies 87
Goal 4 - Communications Coordination: Improve effective coordination of available operable and 88
interoperable public safety communications capabilities for incidents and planned events 89
Goal 5 – Technology and Infrastructure: Improve lifecycle management of the systems and equipment 90
that enable emergency responders and public safety officials to share information efficiently and securely 91
Goal 6 - Cybersecurity: Strengthen the cybersecurity posture of the Emergency Communications 92
Ecosystem 93
Within each goal, the NECP provides objectives for stakeholders to attain these goals, as well as defines 94
success indicators that result from implementing the objectives. To implement the 2019 NECP, OEC will 95
coordinate with public safety agencies and partners from across the Nation through partnerships such as 96
SAFECOM, the Emergency Communications Preparedness Center, and the National Council of Statewide 97
Interoperability Coordinators, among others. DHS and its partners will identify strategies to accomplish the 98
NECP’s goals and objectives, especially as they align with data collected and gaps reported in the Nationwide 99
Baseline Communications Assessment. The NECP results will help DHS and public safety communications 100
stakeholders target their resources to improve national capabilities. 101
The future of emergency communications is at a critical juncture. Through the NECP and the work of OEC and 102
its partners, DHS is committed to supporting our Nation’s emergency responders as they strive to meet their 103
missions and achieve the long-term vision of the NECP.104
3
105
NECP VISION …………………………………………………………………..
To enable the Nation’s emergency response community to
communicate and share information securely across communications
technologies in real-time, including all levels of government,
jurisdictions, disciplines, organizations, and citizens impacted by any
threats or hazards event.
4
Introduction 106
Emergency communications are critical to the Nation’s response to devastating 107
natural disasters, active shooter incidents, terrorist threats, and routine events 108
affecting our communities every day across America. When faced with these 109
situations, the public safety community has a collective responsibility to share 110
information. Achieving this goal requires emergency communications capabilities 111
that are resilient and secure today, yet agile enough to leverage advanced and 112
emerging technologies tomorrow. This important component of national 113
preparedness relies on coordinated input from our whole community—every 114
member contributes, including individuals, the private sector, non-profits, and all 115
levels of government (e.g., local, state, territorial, tribal, federal). 116
Since the Department of Homeland Security’s (DHS) 117
establishment in 2003, one of its top priorities has 118
been to improve communications capabilities among 119
the public safety community. DHS has partnered 120
with emergency responder agencies to ensure access 121
to reliable, secure, and interoperable communications 122
at all times in order to save lives, protect property 123
and the environment, stabilize communities, and meet basic human needs following an incident. 124
The Homeland Security Act of 2002 (6 United States Code § 572) as amended, provided renewed focus and 125
vitality to this critical homeland security mission. The legislation established the DHS Office of Emergency 126
Communications (OEC) to lead development and implementation of a comprehensive approach to advancing 127
national interoperable communications capabilities. To achieve this objective, the Act also required OEC to 128
develop the National Emergency Communications Plan (NECP) to “provide recommendations regarding how 129
the United States should support and promote the ability of emergency response providers and relevant 130
government officials to continue to communicate in the event of disasters and to ensure, accelerate, and attain 131
interoperable emergency communications nationwide.” Appendix 1 details statutory requirements for the 132
NECP. 133
OEC collaborates closely with the public safety 134
community to support and promote effective 135
emergency communications through stakeholder-136
driven programs and services. Over the next five 137
years, OEC will focus its efforts on implementing 138
the goals and objectives articulated in the NECP. 139
These critical components for advancing 140
emergency communications fall under three 141
national priorities: first, to enhance effective 142
governance across partners with a stake in 143
emergency communications, embracing a shared 144
responsibility of the whole community, from 145
traditional emergency responders and supporting 146
entities to the citizens served; second, to address 147
interoperability challenges posed by rapid technology advancements and increased information sharing, 148
ensuring the most critical information gets to the right people at the right time; and third, to build resilient and 149
Emergency Communications
National Priorities 134
135
136
137
138
139
140
141
142
143
144
145
146
147
5
secure emergency communications systems to reduce cybersecurity threats and vulnerabilities, as introduced 150
through Internet Protocol (IP)-based technologies and services. 151
Purpose 152
As the Nation’s strategic plan for emergency communications, the NECP establishes a vision to enable the 153
public safety community and citizens to communicate and share information securely across communications 154
technologies in real-time, including all levels of government, jurisdictions, disciplines, and organizations 155
impacted by any threats or hazards event. To achieve this vision, the NECP outlines nationwide goals and 156
objectives to improve critical capabilities through partnerships, joint planning, and unified investments across 157
levels of government. 158
Its focus is to ensure the public safety community is collectively driving toward a common end-state for 159
communications. To envision a desired future state, OEC examined current strategies, resource decisions, and 160
investments for emergency communications and impacts from an ever-evolving environment. Through 161
ongoing coordination with emergency responders, OEC 162
tracks the many accomplishments since implementing 163
the first NECP and understands the remaining hurdles 164
to be cleared. 165
OEC conducted the SAFECOM Nationwide Survey and 166
resulting 2018 Nationwide Communications Baseline 167
Assessment, in which thousands of public safety 168
agencies and organizations participated. Additionally, 169
an extensive stakeholder engagement process was used 170
to identify challenges facing emergency 171
communications and propose solutions to address them. 172
Representatives of major public safety organizations, 173
government agencies, and key industry partners from 174
the communications and information technology sectors 175
provided input to the NECP. They recommended 176
updating the NECP’s vision, goals, and objectives to 177
reflect current capability gaps and improvements 178
needed to become a nationwide community that can 179
exchange information securely at any time. The 2019 180
NECP supersedes the 2014 NECP and is effective 181
immediately. 182
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
6
Scope 183
The NECP serves as the Nation’s strategic plan to 184
improve emergency communications. It provides 185
guidance to those that plan for, coordinate, invest in, and 186
use communications to support response and recovery 187
operations. This includes traditional emergency 188
responder disciplines (e.g., law enforcement, fire, 189
emergency medical services [EMS], dispatch) and other 190
entities that share information during emergencies. 191
The NECP is also designed for local, state, territorial, 192
tribal, and federal government personnel who are 193
responsible for setting mission priorities, developing 194
budgets, and planning for and acquiring communications 195
technology assets. 196
The strategic components of the NECP, as depicted in 197
exhibit 1, establishes the strategy to meet the NECP’s 198
goals and objectives and better position the whole 199
community for the future. 200
Whole Community Partners
Law Enforcement
Fire
Emergency Medical Services
Dispatch
Public Works and Services
Public Health and Medical Facilities
Transportation Agencies, Utilities,
Critical Infrastructure Operators, and
Commercial Service Providers
Nongovernmental Organizations,
International Partners, and Auxiliary
Resources
Media
Private Citizens
Elected and Appointed Officials,
Local, State, Territorial, Tribal, and
Federal Government Personnel
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
7
201
Exhibit 1: NECP Strategy 202
8
Emergency Communications Ecosystem 203
Since the first NECP publication in 2008, the public safety community has made 204
significant strides to enhance governance structures, adopt common policies and 205
procedures, expand training and exercise programs, migrate legacy systems and 206
integrate new technologies, and mitigate growing cyber threats. These efforts are 207
not constrained within the limits of traditional emergency response of law 208
enforcement, fire, EMS, and dispatch. Instead, entities with different 209
communications functions, including supporting organizations, decision makers, 210
and citizens, rely on one another to exchange information prior to, during, and after 211
incidents—a concept formally referred to as the Emergency Communications 212
Ecosystem. 213
The public safety community continues to prioritize maintaining land mobile radio (LMR) and data exchange 214
systems and improving operability, interoperability, and resiliency. Emergency responders are also embracing 215
emerging technologies and integrating them with existing systems. With the First Responder Network 216
Authority’s (FirstNet) implementation of the nationwide public safety broadband network, agencies will be 217
able to supplement existing systems to provide public safety users with dedicated spectrum, added broadband 218
capabilities, and advanced technologies to increase situational awareness. Network integration presents new 219
cybersecurity risks as a result of interconnected, IP-based technologies. It requires implementing effective 220
strategies to enhance the resiliency of IP-based infrastructures and safeguard private or sensitive information 221
transmitted across systems and devices, while also enabling response. 222
Response agencies are becoming more connected to other entities that also exchange information during 223
emergencies, such as medical facilities, critical infrastructure operators, and citizens. While these individuals 224
are not typically trained responders, they can share valuable information during response and recovery efforts. 225
Social media use is increasing. Responders need to develop best practices for engaging with the public, and 226
analyzing social media to gain situational awareness in times of civil unrest, emergencies, and disasters. 227
Agencies also face challenges retaining qualified communications personnel, securing adequate funding for 228
ongoing operations and maintenance, and navigating complex and varying governance structures to formalize 229
partnerships and establish resource sharing agreements. 230
To organize the whole community toward the National 231
Preparedness Goal, the National Response Framework 232
and National Incident Management System (NIMS) 233
guide how public safety responds to all types of 234
emergencies. These guiding principles are built on 235
scalable, flexible, and adaptable concepts for managing 236
incidents that range from the serious but purely local, to 237
large-scale terrorist attacks or catastrophic natural 238
disasters. They define roles, responsibilities, and 239
The Emergency Communications Ecosystem is comprised of the
various functions and people that exchange information prior to,
during, and after incidents
National Preparedness Goal
A secure and resilient Nation with the capabilities
required across the whole community to prevent,
protect against, mitigate, respond to, and recover
from the threats and hazards that pose the greatest
risk
231
232
233
234
235
236
237
238
239
9
coordinating structures for delivering core capabilities required to respond to an incident and how response 240
efforts integrate with other preparedness mission areas—Prevention, Protection, Mitigation, and Recovery. 241
Incorporating the National Response Framework and NIMS principles, the Emergency Communications 242
Ecosystem is comprised of the various functions and people that exchange information prior to, during, and 243
after incidents. The Ecosystem includes the 244
breadth of organizations and individuals with 245
roles in emergency communications, beyond 246
traditional emergency responder disciplines, 247
government agencies, and jurisdictional 248
boundaries. The Ecosystem is dynamic, not 249
everyone is needed every day depending on the 250
incident or planned event. It is also multi-251
directional, as anyone can initiate emergency 252
communications, including supporting entities or 253
private citizens. 254
Understanding the Ecosystem, exhibit 2, provides 255
agencies with a full picture of emergency 256
communications functions necessary to achieve 257
reliable, secure, and interoperable emergency 258
communications, which include: reporting and 259
requests for assistance; incident coordination and 260
response; alerts, warnings, and notifications; and 261
public interaction. These primary functions, the 262
timeframes when they occur, their purpose, and 263
examples of each are listed below. 264
265
10
266
Exhibit 2: Emergency Communications Ecosystem
11
267
268
269
270
271
NECP Strategic Goals 272
273
274
NECP Strategic Goals Goal 1: Governance and Leadership
Goal 2: Planning and Procedures
Goal 3: Training, Exercises, and Evaluation
Goal 4: Communications Coordination
Goal 5: Technology and Infrastructure
Goal 6: Cybersecurity
12
Develop and maintain effective emergency communications 275
governance and leadership across the Ecosystem 276
Objective 1.1: Formalize governance through policy, documentation, and adequate 277
funding 278
Objective 1.2: Structure more inclusive governance by expanding membership 279
composition 280
Objective 1.3: Adopt adaptive governance strategies to address the rapid evolution of 281
technologies, capabilities, and risks 282
Goal 1: Governance and Leadership
13
Goal 1: Governance and Leadership 283
Effective coordination and decision making are critical first steps to ensuring successful emergency 284
communications. Achieving this requires robust governance structures and processes designed to ensure 285
accountability, inclusiveness, adaptability, and action. The strength of emergency communications 286
governance is not measured by its ability to maintain status quo, but to drive improvements in balance with 287
the rapid evolution of technologies. 288
Public safety continues to expand its network of partners to include those involved in receiving and sharing 289
information during day-to-day efforts or out-of-the-ordinary, large-scale events. Partnership coordination is 290
further strengthened and verified by establishing formal decision-making bodies, gaining fiscal and 291
legislative support from elected and appointed officials, creating consistent policy, and addressing regulatory 292
change. Governance bodies benefit from the contributions of representatives from all organizations with a 293
role in these operations, including those outside the realm of traditional response (i.e., law enforcement, fire, 294
EMS, and dispatch). With the adoption and integration of new technologies, governance is an initial step 295
toward preparing first responders to manage increased information and data exchange across organizations 296
and the risks they bring. Emergency communications governance remains the primary mechanism through 297
which collaborating agencies establish processes and plans, determine and address capability gaps, and 298
achieve progress toward interoperability. 299
Formalized governance provides a unified approach 300
across multiple disciplines, jurisdictions, and 301
organizational functions. Written agreements, backed by 302
formal governance, establish common goals and 303
minimize risk for the communities they serve. Formal 304
governance structures, such as Statewide Interoperability 305
Governing Bodies (SIGBs), Statewide Interoperability 306
Executive Committees (SIECs), and Statewide 911 307
Boards, provide a foundation for public safety entities to 308
collaborate, plan, and make decisions on strategies and 309
operations that mutually support the investment, 310
sustainment, and advancement of communications-311
related initiatives. Establishing statewide governance or 312
revising the functions of existing bodies through statutes 313
or Executive Orders formalizes the group’s authority to 314
make funding recommendations supported through the 315
state’s general funds or federal grant allocations. A 316
group’s charter or bylaws also authorizes the existence of 317
the group and clarifies governance operations and roles, 318
providing details on how to align its vision to longer-319
term decision-making strategies. 320
Robust governance establishes and maintains central coordination points or decision-making bodies to lead 321
the management and administration of emergency communications systems and services, resource allocation 322
and project prioritization, and collaboration necessary for achieving a strategic vision for interoperability. For 323
instance, the Statewide Interoperability Coordinator (SWIC) plans and implements the statewide 324
Objective 1.1. Formalize governance through policy, documentation, and adequate funding
14
interoperability program, guided by initiatives outlined in the NECP and the Statewide Communication 325
Interoperability Plan (SCIP). 326
As such, SWICs act as linchpins establishing and maintaining emergency communications governance and 327
planning across each state or territory by bringing together stakeholders from a broad spectrum of public 328
safety communications systems and services. Despite the benefits of having a full-time SWIC, exhibit 3 329
demonstrates a decline in overall SWICs between 2010 and 2017. Federal departments and agencies and 330
tribes also benefit from having a similar coordination point or governance mechanism parallel to the SWIC to 331
implement interoperability policies, decisions, and processes currently scattered across its bureaus, 332
components, offices, and programs. The following are indicators of success for this objective. 333
Success Indicators 334
States and territories create or revise policy and plans to formalize and fund emergency 335
communications governance bodies, such as SIGBs 336
Governance bodies develop and implement governing documents, such as charters or bylaws, to 337
clarify roles, purpose, authority, and methods for adapting to change 338
States and territories provide funding, authority, and governance to support a full-time SWIC in 339
each state or territory, such as the development of legislative language and mandates 340
State and territory governance bodies prioritize communications needs and coordinate with the 341
SWIC and other state-level planners on applications for federal financial assistance 342
Federal departments or agencies establish a federal interoperability office or designate a Federal 343
Interoperability Coordinator 344
Supporting Your SWIC
15
Governance benefits from including a variety of traditional and non-traditional entities supporting public 345
safety, such as tribes, EMS, nongovernmental organizations (NGOs), public works, utilities, forestry 346
services, military, private sector, and the American Red Cross. Successful coordination requires planning 347
discussions across these entities through governance and the involvement of potentially under-represented 348
organizations or sectors when developing strategic, operational, and contingency plans. 349
As the Nation experiences unprecedented 350
changes in system connectivity, the types of 351
technologies used, and the flow and potential 352
exposure of data, information technology (IT) 353
officers, such as the Chief Information Officer 354
(CIO), bring technical expertise and increases 355
public safety community end-user-356
coordination. Their participation on 357
subcommittees related to new technologies, 358
threats, and issues provides subject matter 359
expertise when coordinating the integration of 360
IP-based and advanced technologies. Formal 361
participation of elected officials and decision 362
makers allows those making fiscal and policy 363
decisions to better understand emergency 364
communications priorities, empowering them 365
to take informed action. Formal collaboration 366
also provides greater access to and 367
understanding of strategic plans and short- and 368
long-term priorities, as well as the ability to 369
contribute to the formation of solutions, and 370
necessary support, for key priorities and 371
challenges at state, local, tribal, and territorial 372
levels. The following are indicators of success 373
for this objective. 374
375
Success Indicators 376
Governance bodies identify and include missing or underrepresented partners (i.e., jurisdictions, 377
tribes, sectors, organizations) in formal governance structures, when developing strategic and 378
operational plans and policies, and during training and exercises 379
Governance bodies include information management, network infrastructure, and cybersecurity 380
representatives through membership or formalized coordination 381
Governance bodies coordinate with elected officials to champion public safety communications 382
priorities and lifecycle planning among decision makers 383
Objective 1.2. Structure more inclusive governance by expanding membership composition
Tribal Resources for Coordination
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
16
Building resilient emergency communications is dependent on our capacity to adapt when facing sudden 384
disruption or ongoing, slow-moving change, such as the adoption of a new technology. Adaptive governance 385
models are flexible and support collaborative decision-386
making to build resilience in response to new 387
Ecosystem challenges. This approach considers not 388
only adjustments to stakeholder participation and 389
integrated planning, but governance processes and 390
arrangements that promote the investment of time and 391
resources toward innovation and cross-organizational 392
learning. In the context of emergency communications, 393
public safety organizations should embrace initiatives 394
promoting innovation and technology integration, such 395
as information sharing (e.g., voice, text, video) and 396
smart spectrum optimization, or mitigating their 397
associated risks (e.g., cyber-attacks, interoperability), 398
such as amendments to policy, regulation, and funding 399
for more effective cybersecurity. 400
Adaptive governance regularly considers the entities involved in emergency communications (social), the 401
creation and adoption of communications innovations (technology), changes to policies and laws affecting 402
the public safety communications community (political), and shifts in grant funding and the need to identify 403
alternative resources (economic). Adaptive governance models may also consider a phased approach to 404
strategic planning, forecasting needs in the short-, mid-, and long-term, to convey the value of investments to 405
heads of municipalities, town managers, city councils, and other officials. The following are indicators of 406
success for this objective. 407
Success Indicators 408
Governance bodies undertake technology integration and migration initiatives (e.g., broadband, 409
911, alerts and warnings, information management, network infrastructure, cybersecurity) to guide 410
implementation by public safety 411
Governance bodies identify and address legislative and regulatory issues associated with emerging 412
technology 413
Organizations supporting public safety communications formalize and regularly review cross-414
jurisdictional, multi-state, or multi-organizational agreements (e.g., memoranda of understanding, 415
memoranda of agreement, mutual aid agreements) to account for changes to resources, 416
capabilities, and information or technology sharing needs 417
Objective 1.3. Adopt adaptive governance strategies to address the rapid evolution of technologies, capabilities, and risks
Proactive Engagement
17
The Emergency Communications Preparedness Center (ECPC) serves as a decision-making body 418
guiding lessons learned, best practices, and partnerships for federal organizations implementing 419
new capabilities 420
Adapting Foundational Governance Practices: The 2018 SAFECOM and
NCSWIC Governance Guides
18
Develop and update comprehensive emergency 421
communications plans and procedures that address the 422
evolution of risks, capabilities, and technologies across the 423
Ecosystem 424
Objective 2.1: Develop and regularly-update strategic plans to align with the NECP 425
and address the integration of new emergency communications capabilities (i.e., voice, 426
video, data) 427
Objective 2.2: Align emergency communications funding and investments with 428
strategic and lifecycle planning 429
Objective 2.3: Incorporate risk management strategies to protect against and mitigate 430
disruptions to mission critical communications 431
Goal 2: Planning and Procedures
19
Goal 2: Planning and Procedures 432
With the appropriate governance in place, formal written strategies, plans, and procedures guide the 433
deployment of resources and technologies to achieve interoperable communications. Organizations increase 434
their effectiveness by routinely updating these documents to evaluate the long-term direction of formal 435
emergency communications guidance, including forecasting and gaining support for funding requirements 436
through robust lifecycle planning. Rapid technological change requires frequent reexamination of guidance 437
providing strategies to address the evolution of risks. 438
Given the rapidly evolving emergency communications and IT environment, public safety organizations 439
improve voice, video, and data interoperability and information exchange by planning for new investments, 440
maintaining and modernizing legacy systems, and identifying personnel and training needs to meet new 441
challenges. Strategic plans and roadmaps enable an organization to document its vision for the benefit of 442
staff and partner agencies to prioritize communications resources, strengthen governance structures, identify 443
future communications investments, and resolve long-standing interoperability issues. Effective strategic 444
plans consider multi-jurisdictional needs, standardization of technology interfaces in their own community 445
and with surrounding jurisdictions, and processes for testing and updating plan milestones at all levels of 446
government. Additionally, strategic planning for data interoperability incorporates new partners, such as 447
private and health sectors; legal and policy aspects of information and data sharing; funding support for 448
integration and interface; security concerns and solutions; and preparations for forward compatibility of 449
evolving technologies. 450
The SCIP is the primary emergency communications strategy for each state or territory, defining critical 451
emergency communications capabilities and needs. States and territories work with SWICs to align 452
investments with SCIPs and individual implementation plans to improve communications. Since many 453
federal emergency communications grants require recipients to align their projects to the SCIP, local, state, 454
territorial, and tribal public safety agencies benefit from contributing to the development or revision of SCIP 455
content as it pertains to priorities across communities. For federal departments and agencies, the ECPC 456
works with personnel to ensure they have the tools needed to develop, coordinate, and share unique strategic 457
plans across the interagency community to identify opportunities for cooperation. The following are 458
indicators of success for this objective. 459
Success Indicators 460
Public safety organizations use strategic implementation plans (e.g., SCIPs, Regional 461
Interoperability Communications Plans, Next Generation911 Plans, Cybersecurity Plans) to 462
measure progress against NECP objectives and any additional state or territory objectives, and 463
update plans annually 464
Federal agencies or departments develop emergency communications strategic plans in 465
coordination with the ECPC 466
467
Objective 2.1. Develop and regularly-update strategic plans to align with the NECP and address the integration of new emergency communications capabilities (i.e., voice, video, data)
20
Public safety organizations rely on complex, often expensive, systems to carry out their missions. According 468
to findings from the 2018 Nationwide Communications Baseline Assessment, most public safety 469
organizations have either no funding or insufficient funding for capital investments in interoperability 470
solutions, interoperability-related operations, and maintenance costs. At the agency level, shortfalls in 471
funding continue to affect the ability to properly maintain systems, conduct overall system lifecycle planning, 472
and make decisions. Lifecycle planning requires public safety organizations at all levels of government to 473
collaboratively and regularly assess needs, hazards, risks, and threats in the current environment and through 474
the expected evolution. Consideration of short- and long-term evolution enables an organization to determine 475
its needs and requirements as part of the lifecycle planning process. Identification of funding mechanisms to 476
support those needs and requirements is a key component of lifecycle planning, as costs can be a determining 477
factor in the replacement or refreshment of systems. 478
SAFECOM has produced a vast catalog of resources through its Funding and Sustainment Committee, 479
including the annual SAFECOM Guidance on Emergency Communications Grants, which provides 480
recommendations to grant applicants seeking federal funding, including allowable costs and applicable 481
standards. Additional resources are available on the SAFECOM Funding website, including guidance for 482
lifecycle planning and identifying funding solutions. Public safety agencies seeking to effectively manage the 483
ongoing investments necessary for systems and equipment may refer to the 2018 SAFECOM and NCSWIC 484
Emergency Communications System Lifecycle Planning Guide’s recommendations, checklists, and 485
suggested timelines. Public safety increasingly understands the need to diversify funding mechanisms and 486
resources in their efforts to prioritize system sustainment and upgrade, as detailed in the 2018 SAFECOM 487
and NCSWIC Funding Mechanisms for Public Safety Communications Systems, which lists real-world 488
examples for other agencies to consider. The following are indicators of success for this objective. 489
Success Indicators 490
Federal funding authorities develop federal grant guidance for emergency communications 491
governance and investments consistent with guidelines provided by SAFECOM and the NECP 492
Public safety organizations develop and use lifecycle plans to inform agency funding decisions and 493
implement new technologies while maintaining necessary legacy and back-up systems 494
Public safety organizations and governing bodies identify sustainable funding mechanisms to 495
support the lifecycle planning model 496
The modernization of our emergency communications systems (e.g., Internet of Things [IoT], next 497
generation, data interoperability, social media, encryption) brings a wealth of new capabilities, as well as 498
associated risks (e.g., system failure, cyber-attacks, data breaches). The DHS Threat and Hazard 499
Identification and Risk Assessment (THIRA) and Stakeholder Preparedness Review (SPR) are helpful when 500
conducting state-level, emergency communications capability evaluations. Communities participate in these 501
Objective 2.2. Align emergency communications funding and investments with strategic and lifecycle planning
Objective 2.3. Incorporate risk management strategies to protect against and mitigate disruptions to mission critical communications
21
interconnected processes to evaluate preparedness, including capabilities for emergency communications. 502
Local and state decision makers and SWICs should apply information within these assessments to direct 503
funding and sustainment resources to new and legacy emergency communications systems. 504
Determining and testing strategies to increase the resiliency of public safety networks and the personnel who 505
run them also help to prevent catastrophic loss of critical communications to end-users during emergencies or 506
disasters. Despite its importance, however, less than half of public safety organizations build processes into 507
their plans to ensure continuity during out-of-the-ordinary emergencies or disasters, as shown in exhibit 4. 508
Incident Response Teams (IRTs), incident response 509
plans, recovery or resiliency plans, and continuity 510
of operations plans are useful in cybersecurity 511
incident response. IT administrators may consider 512
establishing a Computer Security Incident 513
Response Team (CSIRT) or reach an agreement 514
with the U.S. Computer Emergency Readiness 515
Team (US-CERT), run by DHS National 516
Cybersecurity and Communications Integration 517
Center (NCCIC), to assist in cybersecurity 518
planning. Additionally, coordinating response and 519
recovery efforts with the SWIC and other IT 520
administrators can increase cybersecurity posture. 521
The following are indicators of success for this 522
objective. 523
Success Indicators 524
Local public safety organizations work with state agencies to evaluate emergency communications 525
threats, hazards, and needs in formal capability reporting mechanisms (e.g., THIRA, SPR) 526
Public safety organizations incorporate risk management strategies into plans for continuity and 527
recovery of critical communications 528
Public safety organizations that use IT have a cybersecurity incident response plan in place 529
Public safety organizations perform resiliency assessments and mitigate vulnerabilities 530
Exhibit 4. Percentage of public safety organizations whose
strategic planning process does not ensure continuity in out-
of-the-ordinary situations
22
Develop and deliver training, exercise, and evaluation programs 531
that target gaps in all available emergency communications 532
technologies 533
Objective 3.1: Update and implement training and exercise programs to address gaps 534
in emergency communications 535
Objective 3.2: Incorporate human factors in training and exercises to address the 536
demands that voice, data, and video information place on personnel 537
Objective 3.3: Ensure training addresses information sharing (i.e., voice, video, data) 538
for multi-agency responses 539
Goal 3: Training, Exercises, and Evaluation
23
Goal 3: Training, Exercises, and Evaluation 540
Effective training and exercise programs bolster emergency professionals’ proficiency with communications 541
equipment, as well as improve their ability to execute policies, plans, and procedures governing the use of 542
communications. The 2018 Nationwide Communications Baseline Assessment findings reflect strong 543
participation in training and exercise programs, indicating progress in the right direction. However, as new 544
and emerging technologies are introduced, it is vital for training and exercise programs to evolve as well, 545
allowing personnel to routinely practice with new communications capabilities, maximizing their benefits. It 546
is pertinent for the public safety community to support communications-specific training and exercise 547
programs, proper evaluation to identify and close gaps, expansion of regular training and exercises through 548
increased awareness and augmentation of available opportunities, and more aggressive tracking and use of 549
NIMS/Incident Command System (ICS)-capable communications support personnel. 550
While the public safety community has made 551
progress, there remains a need to update and 552
implement training and exercise programs to 553
address gaps and ensure personnel are proficient 554
in the increasing number of diverse capabilities 555
used during incident response. As depicted in 556
exhibit 5, the 2018 Nationwide Communications 557
Baseline Assessment findings reflect strong 558
participation in training and exercise programs 559
overall. However, more than a quarter of local 560
public safety organizations and almost one-third 561
of federal and tribal organizations do not 562
exercise. These results indicate opportunities to 563
expand training and exercise participation and 564
content to address new technologies, threats, and 565
organization-specific planning needs. 566
Communications-focused training and exercises 567
demonstrate and test interoperability and 568
continuity capabilities during unplanned incidents. Effective training and exercise programs also incorporate 569
changes in policies, standard operating procedures (SOPs), partners, and technologies as they occur. 570
Assessment of communications during exercises and real-world events and incidents allows public safety 571
organizations to improve operational procedures, policies, and training program effectiveness. Public safety 572
captures improvement-related data through a repetitive, periodic analysis of tabletop, functional, and full-573
scale exercises, planned events, and incident after-action reports (AARs). Outcomes-focused documentation 574
identifies points of system failure, coverage inadequacies (indoor and outdoor), and requirements for 575
primary, secondary, and backup systems. Deficiencies and unmet needs form the basis of an organization’s 576
improvement action plan with solutions to strengthen communications coordination. 577
The Homeland Security Exercise and Evaluation Program (HSEEP) is the industry standard for developing 578
exercises with objectives supported by exercise evaluation guidelines. Public safety can enhance emergency 579
communications through the evaluation of training and exercises by using communications support personnel 580
in federally-funded exercises and third-party or peer evaluations. 581
Objective 3.1. Update and ensure the availability of training and exercises to address gaps in emergency communications
Exhibit 5. Percentage of public safety organizations that do
not participate in exercises
24
Evaluations are only effective if training and exercise programs are improved because of the lessons learned. 582
However, the 2018 Nationwide Communications Baseline Assessment found most public safety 583
organizations do not document or assess training evaluations along with the changing operational 584
environment. The following are indicators of success for this objective. 585
Success Indicators 586
Public safety organizations develop or update training and exercise programs to address new 587
technologies, data interoperability, cybersecurity, use of federal and national interoperability 588
channels, and continuity of communications 589
Public safety organizations offer training classes and exercises across multiple agencies and 590
jurisdictions whenever possible 591
Public safety organizations coordinate training and technical assistance across the government (as 592
applicable) to ensure current and consistent information 593
Public safety organizations include injects in exercises to test communications system and 594
personnel (including emerging technology and system failure) and utilize third-party evaluators 595
with communications expertise 596
Public safety organizations integrate private sector, NGOs, and public sector communications 597
stakeholders into training and exercises 598
The ECPC analyzes gaps and identifies opportunities for federal interagency training and exercise 599
programs 600
Training Videos for DHS Priority Telecommunications Services Now Available
25
Training tools must keep pace with the integration of new communications technologies and services added 601
to public safety professionals’ available capabilities. More technologies and applications result in more data 602
to process, more SOPs to learn, and more stress for the users. To ensure effective use of all available 603
technologies when a responder is under duress, progressive training and exercise programs can be designed 604
to build from previous lessons, adding new objectives along the way. Progressive training and exercises not 605
only build upon each other, but increase repetition of use to develop “muscle memory,” leading to the 606
likelihood of available technologies used appropriately and effectively during incidents and planned events. 607
One downside to repetition is outcomes from recurring exposure to incident scene images, which can 608
increase the risk of post-traumatic stress. In the field, new technologies such as body-worn cameras are 609
changing the nature of incident responses and require training to be used effectively. New technologies bring 610
responders not on-scene even closer to the impacts of a threat or hazard through photos, videos, and live 611
streaming as events unfold. Public safety agencies will benefit from incorporating modules demonstrating 612
techniques to combat “compassion fatigue” or “vicarious trauma” into trainings and building opportunities to 613
practice those methods into exercises. The following are indicators of success for this objective. 614
Success Indicators 615
Public safety organizations implementing Next Generation 911 (NG911) utilize training and tools 616
to address the impact of incident images/videos on dispatcher 617
Public safety organizations implementing mobile data applications utilize training and tools to 618
ensure that responders effectively use and are not overloaded by available information 619
DHS has trained more than 7,000 all-hazards communications support personnel nationwide, resulting in a 620
significant pool of trained staff in every state and territory. While a cadre of thousands of Communications 621
Unit Leaders (COMLs) and Communications Technicians (COMTs) have been trained, agency leadership 622
often do not know or take advantage of this capability during actual responses. Accessing these resources is 623
difficult when not every state has a program with policies and procedures to track, maintain, and utilize 624
NIMS/ICS-capable communications support resources. The NECP promotes progress for Emergency 625
Support Function #2 (ESF-2) and Communications Unit positions to more effectively integrate personnel 626
into operations and to improve capabilities to track and share trained communications support personnel. 627
The ongoing training and development of communications support personnel is an essential part of public 628
safety response to planned events and unplanned incidents, particularly as the scope and complexity of 629
technologies evolve. In 2018, DHS began developing a course for the Information Technology Service Unit 630
Leader (ITSL) to address increased demand for IT devices and networks during an incident or planned event. 631
The ITSL Course ensures that communications support resources are equipped with adequate skills to 632
operate and troubleshoot IT equipment during an activation and to enable service improvements over time. 633
Advances in tracking the training and use of active communications support personnel resolve shortages 634
during an incident or event and fulfill local, state, territory, tribal, and federal requirements for these 635
Objective 3.2. Incorporate human factors in training and exercises to address the demands that voice, data, and video information place on personnel
Objective 3.3. Ensure training addresses information sharing (i.e., voice, video, data) for multi-agency responses
26
positions. The following are indicators of success for this objective. 636
Success Indicators 637
States, territories, and tribal nations implement programs (based on best practices) to oversee the 638
qualification, training, certification, recognition, activation, and currency of communications 639
support personnel 640
States, territories, and tribal nations develop and support instructor cadres to expand training for 641
communications support personnel 642
SAFECOM and the NCSWIC develop training curriculums for additional positions within the 643
Information Technology Service Unit. 644
Communications Unit Personnel Position Task Book Sign-Off Process Template
27
Improve effective coordination of available operable and 645
interoperable public safety communications capabilities 646
for incidents and planned events 647
Objective 4.1: Confirm the implementation and active use of the NIMS doctrine 648
Objective 4.2: Enhance coordination and effective usage of public safety 649
communications resources at all levels of government 650
Objective 4.3: Develop or update operational protocols and procedures to support 651
interoperability across new technologies 652
Objective 4.4: Strengthen resilience and continuity of communications throughout 653
operations 654
Goal 4: Communications Coordination
28
Goal 4: Communications Coordination 655
Effective coordination and efficient usage of all available communications capabilities is critical to ensure 656
both responder safety and the timely provision of public safety services. Being familiar with the operation 657
and use of available capabilities prior to a response avoids communications challenges during an incident. 658
Similarly, the advantages realized from new technologies can only be maximized when familiarity and usage 659
of the capability comes in the form of repeated real-world application of the technology during operations. 660
While exercise, event, and incident AARs reflect improvements in incident and event coordination through 661
the use of communications technologies, challenges remain due to continuous technological advancements. 662
The significant benefits that communications technologies may introduce to the coordination of incidents and 663
planned events are lost if not applied appropriately. New, improved, or updated features, functions, and 664
capabilities must be accounted for in policies, plans, and procedures. The introduction of new and improved 665
technologies and additional communications capabilities can make coordination more complex and 666
challenging until their usage is more commonplace across the entire spectrum of public safety users. 667
Nevertheless, public safety organizations enhance coordination when they proactively incorporate new and 668
improved communications technologies, as well as commercial and non-traditional communications systems 669
providers. 670
Public safety organizations use NIMS and ICS processes, methods, and structures across all disciplines, 671
jurisdictions, and levels of government to standardize methods, practices, and actions during planned events 672
and incident responses. As public safety organizations maintain, implement, upgrade, or replace existing 673
communications capabilities, those capabilities should reflect an alignment with NIMS and ICS doctrine to 674
ensure available fielded capabilities are sufficient to support primary, secondary, and backup services. 675
Depending on the incident size, scope, location, and progress, various resources may be pressed into service 676
to support an evolving incident. The Incident Commander (IC) or Incident Management Team (IMT) remain 677
informed about the status of all available operable and interoperable communications capabilities through 678
sharing appropriate ICS form(s). 679
Public safety organizations of all disciplines are realizing better information gathering from various reporting 680
sources when larger complements of communications resources are deployed during initial responses to 681
incidents. These heightened responses require pre-planning between public safety organizations, IC and IMT 682
personnel, and communications systems providers. This coordination highlights the value of including 683
providers and helps responders be more aware and comfortable with expected timelines for their inclusion, 684
resulting in coordinated, robust, flexible, and resilient voice and data communications capabilities to 685
effectively support incident objectives. The following are indicators or success for this objective. 686
Objective 4.1. Confirm the implementation and active use of the NIMS doctrine
29
Success Indicators 687
Public safety organizations possess primary, secondary, and backup communications capabilities 688
aligned with NIMS and ICS and share appropriate forms (e.g., ICS 205) illustrating the status of an 689
agency’s capabilities 690
Public safety organizations assess and improve the timeliness of notification, activation, and 691
response of communications systems providers to support the IC and IMT requirements at incidents 692
and planned events 693
As the complexity of communications systems increase at a significant pace, it is incumbent upon public 694
safety organizations to include their communications systems providers in planning and response activities. 695
These resources offer technical assistance and advice to improve coordination for planned events and 696
incident responses. Providers may be internal, external, or a combination of both, and their expertise, 697
knowledge, information, and access to additional communications resources can be the difference between 698
successful or failed incident responses. Public safety organizations should evaluate existing communications 699
policy, plans, agreements, and current systems and capabilities usage to determine appropriate inclusion of 700
commercial providers and non-traditional communications partners. 701
In order to coordinate various communications tools, knowing the availability and current state of all 702
operable and interoperable assets is critical. At a minimum, public safety organizations need to share current 703
communications systems information with contiguous public safety agencies and other organizations which 704
provide or receive mutual aid, share infrastructure, or participate in planned events. Sharing active, available 705
features, functionality, and capabilities of current communications capabilities with partners can expedite 706
communications coordination for both incidents and planned events. The following are indicators of success 707
for this objective. 708
Success Indicators 709
Public safety organizations maintain and readily share comprehensive information about features, 710
functionality, and capabilities of operable and interoperable communication resources 711
Public safety organizations use up-to-date defined practices, procedures, pre-plans, specific 712
venue/location response plans, incident type response plans, SOPs, tactical response directives, 713
and/or tactical interoperability communications plans (TICPs) that identify primary, secondary, 714
and backup LMR assets, mobile data systems, devices and relevant applications for effective 715
communications coordination and information sharing during planned events and incidents 716
Public safety organizations periodically evaluate, engage, and incorporate commercial and non-717
traditional communications partners (e.g., auxiliary communications, volunteers, utilities) in 718
incidents and planned events 719
Objective 4.2. Enhance coordination and effective usage of public safety communications resources at all levels of government
30
As of 2018, a significant percentage of public safety agencies, nearly 25 percent, lacked SOPs on emergency 720
communications. However, the fast-paced evolution of communications capabilities highlights a crucial need 721
to update—and develop, if they do not exist—SOPs and operational plans to address entities, individuals, or 722
organizations that provide or use communications during emergencies (e.g., utilities, transportation sector, 723
commercial carriers). Coupled with effective planning, training, and exercises, SOPs transform policy and 724
best practices into real-world understanding of operational plans, which detail how to establish and maintain 725
communications during an incident or disaster. Analyzing AARs following events can assist with resolving 726
gaps or missing information through the development or revision of SOPs. 727
Public safety organizations establish a 728
repeatable process to periodically observe 729
and record user proficiency for primary, 730
secondary, and backup communications 731
systems. This includes an end-user’s ability 732
to properly access, navigate, manipulate, and 733
use available features, functions, and 734
capabilities of their communications devices 735
and equipment. Observations that illustrate a 736
lack of proficiency, established by set 737
minimum standards, in the use of communications capabilities drive appropriate recommendations for 738
modifications and expansion of user instructional documentation, informal and formal trainings, drills, 739
exercises, and SOPs. The following are indicators of success for this objective. 740
Success Indicators 741
Public safety organizations develop and regularly-update NIMS-aligned SOPs to facilitate the 742
integration, deployment, and use of communications assets 743
Public safety organizations have recommended guidelines developed on the use of personal devices 744
(e.g., bring your own device) based on applicable laws and regulations 745
Public safety organizations leverage training, exercises, and real-world events to test capabilities 746
and update SOPs 747
Public safety organizations periodically review the priority service programs (e.g., TSP, GETS, 748
WPS) to which they subscribe and ensure they have SOPs governing the programs’ use, execution, 749
and testing 750
Public safety organizations periodically test the proficiency of personnel in using communications 751
systems’ features, functions, and capabilities 752
SAFECOM SOPs Resources
Objective 4.3. Develop or update operational protocols and procedures to support interoperability across new technologies
728
729
730
731
732
733
734
735
736
737
31
As emergency communications systems and functions become more interconnected, they also become more 753
susceptible to physical and cyber vulnerabilities and disruptions in other parts of the Emergency 754
Communications Ecosystem. Agencies at all levels of government must plan for the interconnection of voice 755
and data communications. During large-scale events, planning and operations for backup communications 756
need to include all available assets and resources in the impacted incident area. For example, LMR systems 757
may need to be augmented by air and marine mobile communications to create a comprehensive air, sea, and 758
ground network with appropriate levels of security and authentication to ensure continuity of 759
communications. Commercial cellular voice and data networks are often used as backup options as well, but 760
these networks may be overwhelmed by congestion and capacity issues. 761
Achieving secure and resilient voice and data communications across the Ecosystem is essential for public 762
safety agencies to execute their missions under any circumstances. To achieve this level of preparedness, 763
public safety organizations and communications systems providers continually assess the readiness of 764
primary, secondary, and backup communications capabilities. Commonly, public safety communications 765
capabilities are constructed, operated, and maintained to provide the highest levels of availability and access. 766
The incorporation of resiliency and redundancy features ensures resources are available to effectively support 767
critical communications from large numbers of emergency responders, while continuing to support other 768
activities throughout a public safety organization’s jurisdiction. The following are indicators of success for 769
this objective. 770
Success Indicators 771
Public safety organizations establish sufficient testing and usage observations of all operable and 772
interoperable primary, secondary, and backup communications systems 773
Public Safety Answering Points (PSAPs), Public Safety Communications Centers (PSCCs), and 774
Emergency Operations Centers (EOCs) address systems and staffing to support communications 775
continuity of operations planning 776
SAFECOM and the NCSWIC develop best practices to encourage active network sharing and 777
regionalization of shared services 778
Objective 4.4. Strengthen resilience and continuity of communications throughout operations
Shared System Project: Puerto Rico and the U.S. Virgin Islands
32
Improve lifecycle management of the systems and 779
equipment that enable emergency responders and public 780
safety officials to share information efficiently and 781
securely 782
Objective 5.1: Support public safety requirements that drive research, development, 783
testing, and evaluation of emergency communications technology 784
Objective 5.2: Ensure communications and information sharing systems meet public 785
safety’s mission critical needs 786
Objective 5.3: Support data interoperability through the development of effective and 787
sustainable information sharing and data exchange standards, policies, and procedures 788
789
Goal 5: Technology and Infrastructure
33
Goal 5: Technology and Infrastructure 790
The rapid rate of technology advancement continues to outpace the public safety community acquisition 791
cycle. New technologies can be expensive and disrupt mission critical operations and communications. Yet, 792
emerging technologies, such as wireless data networks and IP-based mobile communications devices, offer 793
advanced capabilities to enhance command and control and situational awareness for emergency responders. 794
The ability to develop, test, and evaluate new technologies before integrating them ensures successful 795
operability and interoperability with existing communications systems. 796
The public safety community has placed an emphasis on accelerating research, development, testing, 797
evaluation, and standards implementation for emerging technologies that improve communications. With the 798
rollout of FirstNet and greater acknowledgement of the need for data capabilities, many public safety 799
organizations have focused their technology efforts on preparing to implement broadband solutions. In 800
addition, independent, statewide and regional Project 25 (P25) radio systems and NG911 are being deployed. 801
The public safety community continues to develop strategies and technology roadmaps for implementing 802
standards-based, open-source, vendor-neutral devices and applications that can sustain the unique public 803
safety operating environment and provide mission-critical communications. 804
To improve the development of innovative emergency communications capabilities that support the needs of 805
the emergency services sector, public safety organizations must coordinate their approach to research, 806
development, testing, and evaluation to serve the communications needs of organizations from all levels of 807
government. There must also be action to accelerate the development and adoption of mission critical, 808
standards-based communications technology products, applications, and services. The following are 809
indicators of success for this objective. 810
Success Indicators 811
SAFECOM and the NCSWIC identify public safety technology and infrastructure capability gaps 812
The ECPC coordinates federal research, development, testing, and evaluation priorities and 813
processes 814
The ECPC cultivates sustained engagement (e.g., cooperative agreements) between federal 815
research, development, testing, and evaluation programs, such as DHS Science and Technology 816
Directorate and the National Institute of Standards and Technology (NIST) Public Safety 817
Communications Research Division (PSCR), and with public safety organizations focused on 818
resiliency, interoperability, and other challenges 819
The ECPC partners with the private sector to foster an open, innovative, and standards-based 820
commercial marketplace for solutions development and ensure that public safety requirements are 821
addressed in current and emerging standards 822
Objective 5.1. Support public safety requirements that drive research, development, testing, and evaluation of emergency communications technology
34
Public safety must continually evaluate 823
and implement communications 824
standards and programs to keep pace 825
with technological advancements. Once a 826
technology has been successfully tested 827
and evaluated to meet public safety 828
needs, standards must be developed or 829
refined to ensure compatibility with 830
existing systems and enable consistent 831
implementations across the Emergency 832
Communications Ecosystem―improving 833
operability, interoperability, and security. 834
Programs that facilitate technology 835
adoption are necessary to communicate 836
benefits and minimize risks. Not every 837
new or enhanced technology will be 838
appropriate for each unique public safety 839
organization’s mission, nor can a new or 840
enhanced technology be adopted without 841
consideration of impacts to governance, 842
SOPs, use, training, and exercises. The 843
following are indicators of success for 844
this objective. 845
Success Indicators 846
SAFECOM and the NCSWIC communicate emerging technology impacts to public safety, such as 847
those associated with identity management, multimedia, 5G, IoT, social media, network 848
virtualization, spectrum optimization, artificial intelligence, machine intelligence, geographic 849
information systems, and positioning, navigation, and timing systems 850
SAFECOM and the NCSWIC guide standards-based LMR evolution 851
The FirstNet Authority innovates and integrates broadband technology into the Nation’s public 852
safety communications infrastructure 853
The National 911 Program coordinates, in collaboration with all levels of government, the 854
integration of NG911-identified best practices into the Nation’s public safety communications 855
infrastructure 856
Objective 5.2. Ensure communications and information sharing systems meet public safety’s mission critical needs
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
35
Data sharing capabilities have continued to evolve 857
since 2014, shaping the way information is 858
communicated and shared. Emerging capabilities 859
expand with whom and how agencies can share 860
information before, during, and throughout an event. 861
While the exchange of data can improve situational 862
awareness and facilitate transfer of mission critical 863
information, the quickly-evolving and complex culture 864
of data sharing also brings risk and privacy 865
considerations. In the 2018 Nationwide 866
Communications Baseline Assessment, on average, 867
less than half of public safety organizations use or test 868
interoperability solutions for data, as shown in exhibit 869
6. One challenge for effective information exchange 870
includes the increasing types of data being exchanged, such as video, geographic information system (GIS) 871
data, evacuee/patient tracking data, accident/crash (telematics) data, biometric data, Computer Aided 872
Dispatch (CAD) data, Automatic Vehicle Location (AVL) data, Common Operation Picture data, and more. 873
Another challenge is the volume of data requiring storage, exchange, maintenance, and analysis. 874
Development of effective and sustainable information sharing and data exchange standards, policies, and 875
procedures will help the public safety community address their data management needs, and adopt solutions 876
for Big Data, IoT, cloud convergence, and other data-intensive disruptive technologies. The following are 877
indicators of success for this objective. 878
Success Indicators 879
Public safety organizations employ standards-based information exchange models and data sharing 880
solutions 881
Public safety organizations follow acquisition best practices, including consideration for standards-882
based infrastructure 883
SAFECOM and the NCSWIC publish best practices and updated guidance on SOPs to assist the 884
public safety community in meeting data storage, exchange, maintenance, and analysis challenges 885
Objective 5.3. Support data interoperability through the development of effective and sustainable information sharing and data exchange standards, policies, and procedures
Exhibit 6. Percentage of public safety organizations that
never use or test interoperability solutions for data
36
Strengthen the cybersecurity posture of the Emergency 886
Communications Ecosystem 887
Objective 6.1: Develop and maintain cybersecurity risk management 888
Objective 6.2: Mitigate cybersecurity vulnerabilities 889
Objective 6.3: Determine public safety-specific, standards-based cyber hygiene 890
minimums and fund ongoing risk mitigation 891
Goal 6: Cybersecurity
37
Goal 6: Cybersecurity 892
The time for instituting a “security first” perspective for emergency communications is now. To prepare for 893
cyber-attacks, the public safety community must continually identify risks and address evolving security 894
requirements in coordination with partners in their Emergency Communications Ecosystem. Cybersecurity is 895
a shared mission across all levels of government, the private sector, NGOs, and even the public. 896
As noted in the 2017 National Preparedness Report, despite significant interest in and need for cybersecurity, 897
most states and territories have low confidence in their cybersecurity capabilities. To address this need, the 898
Federal Government established several programs to offer resources to assist organizations in managing their 899
cybersecurity risk. For example, organizations can request self-assessments or onsite assessments from 900
DHS’s Cyber Resilience Review program to uncover gaps and areas for improvement. In addition, DHS 901
established the National Risk Management Center to create a cross-cutting risk management approach 902
between the private sector and government to improve the defense of our Nation’s critical infrastructure. 903
As cyber threats grow in complexity and sophistication, attacks could become more numerous and severe 904
against emergency communications systems. Therefore, it is critical that public safety organizations take 905
proactive measures to carefully manage their cybersecurity risks. 906
Establishing cybersecurity risk management can 907
help to identify and prioritize risks, protect 908
resources, detect threats, and establish response 909
and recovery processes. Despite every effort, 910
cyber threat events will occur. Exhibit 7 shows the 911
significant percentages of public safety 912
organizations affected by cybersecurity, according 913
to results from the 2018 Nationwide 914
Communications Baseline Assessment. Being 915
prepared to execute response processes and 916
procedures, prevent expansion of the event, 917
mitigate its effects, and eradicate the incident is 918
necessary. Incident response plans, recovery or 919
resiliency plans, and continuity of operations plans 920
are useful in cybersecurity incident response. 921
Recovery planning processes and strategies are 922
improved by incorporating lessons learned into 923
future activities. Response personnel should be 924
trained on the latest security, resiliency, continuity, and operational practices and maintain in-service training 925
as new technology and methods are made available. The following are indicators of success for this 926
objective. 927
Success Indicators 928
Public safety organizations, at a minimum, implement the Cybersecurity Framework 929
Public safety organizations use the Critical Infrastructure Cyber Community Voluntary Program 930
(C³ Voluntary Program) 931
Objective 6.1. Develop and maintain cybersecurity risk management
Exhibit 7. Percentage of public safety organizations whose
communications have been impacted by cybersecurity breaches
at some point in the last 5 years
38
The identification and mitigation of threats and vulnerabilities is a shared responsibility. Threat information 932
sharing and shared solution sets are important aspects of cybersecurity. Public safety organizations must 933
make difficult decisions to allocate attention and funding to manage their organization’s cybersecurity risk. 934
They must also consider the impacts of their cybersecurity risk management on interoperability with the 935
broader community. Only when working together will the public safety community be able to implement the 936
most cost-effective and efficient mitigation activities and approaches that enable them to maintain the highest 937
degree of interoperability. 938
SAFECOM and the NCSWIC continues to 939
produce guidance educating the community on 940
known mid- and long-term threats and their 941
mitigations. Voice and data encryption is 942
increasingly in use throughout the public safety 943
community as another means to mitigating 944
threats, but not without challenges. For example, 945
encryption can add a significant level of 946
complexity and should be considered only when 947
operational requirements of the incident outweigh 948
additional complications. Another important 949
aspect of cybersecurity is a comprehensive 950
review of the standardized protocols and proprietary mechanisms connecting devices to and through the 951
Internet. NIST should review protocol standards, as well as provide cybersecurity testing and certification 952
activities, for the public safety community. The following are indicators of success for this objective. 953
Success Indicators 954
SAFECOM and the NCSWIC share planning and mitigation guidance regarding known threats and 955
vulnerabilities 956
Public safety organizations implement interoperable encryption, as needed 957
The ECPC refines the NG911 Emergency Communications Center (EC3) concept 958
NIST evaluates equipment and protocol vulnerabilities that impact the public safety mission 959
Instituting a “security first” perspective for public safety requires stakeholders to join together and establish 960
consistent standards, policies, procedures, interoperability, and implementation guidance for emergency 961
Objective 6.2. Mitigate cybersecurity vulnerabilities
Objective 6.3. Determine public safety-specific, standards-based cyber hygiene minimums and fund ongoing risk mitigation
Encryption and Key Management
Resources
939
940
941
942
943
944
945
946
947
948
949
950
39
communications deployments, including 962
consideration for the significant costs of these 963
activities. The 2018 Nationwide 964
Communications Baseline Assessment 965
revealed the significant percentages of public 966
safety organizations that lack funding to 967
address their cybersecurity needs, as shown in 968
exhibit 8. 969
Cybersecurity is a continual process of 970
enhancing defense. Some organizations will 971
have less capacity than others to apply for and 972
manage grants. Therefore, NIST should work 973
to develop a plan for setting, testing, and 974
maintaining cyber minimum standards to assist cybersecurity-eligible grant programs in distributing 975
necessary funding to public safety. To promote the importance of cybersecurity to operability and 976
interoperability, cybersecurity should be included as a critical success element in the SAFECOM 977
Interoperability Continuum, which assists emergency response organizations and policy makers to plan and 978
implement interoperability solutions for data and voice communications. National programs and federal 979
agencies also have a role to play evaluating, communicating, and advocating for cybersecurity services and 980
resources. The following are indicators of success for this objective. 981
Success Indicators 982
NIST establishes public safety-specific, standards-based cyber hygiene minimums for public safety 983
SAFECOM updates the Interoperability Continuum to account for cybersecurity 984
SAFECOM and the NCSWIC consolidate and publish information on available cybersecurity 985
services and grant programs, such as those detailed in the DHS Cybersecurity Services Catalog 986
and the Homeland Security Grant Program 987
National Risk Management Center provides a cost study of public safety cybersecurity risk 988
management and evaluates the need for additional grant programs 989
NIST provides incentives for cybersecurity-specific research and development activities based on 990
known threats 991
Exhibit 8. Percentage of public safety organizations that have no
funding or insufficient funding to meet cybersecurity needs
40
Implementing the NECP992
The NECP goals and objectives provide the blueprint to enhance emergency 993
communications capabilities nationwide, consistent with legislative requirements. 994
DHS has a practiced strategy for implementing, measuring, and reporting 995
progress on the NECP in coordination with stakeholders, working together 996
toward the desired end-state of emergency communications. 997
Implementation Action Plan and Promotion 998
OEC is designated as the federal agent charged with overseeing NECP implementation. In this role, OEC 999
will use a two-step approach to implementation: (1) develop and execute an action plan that supports the 1000
NECP’s six goals and supporting objectives; and (2) develop and execute a nationwide publication and 1001
campaign to promote the NECP. Both steps will be coordinated in partnership with stakeholders from the 1002
public safety community. 1003
Although DHS leads the development and management of the NECP, the implementation is a shared 1004
responsibility among the Department and the plan’s stakeholders. This reflects the nature of the public safety 1005
community, which spans disciplines, jurisdictions, and levels of government, and also involves the public 1006
and private sectors. As such, the action plan will identify supporting actions that OEC programs, services, or 1007
offerings can update or modify, develop, and enact to implement the NECP. It will further coordinate with 1008
local, state, territorial, tribal, and federal agencies to identify actions each can take to further support the 1009
Plan’s implementation activities. OEC will also work with stakeholders to plan actions within the constraints 1010
of limited resources, as the NECP does not directly provide funding to implement. 1011
The NECP is published on the DHS website and recognized as the strategic plan for the Nation. Similar to 1012
past releases, OEC will launch a promotional campaign following publication to drive the whole community 1013
towards its desired end-state as described in the NECP vision. OEC will enlist its Regional Coordinator 1014
personnel and “champions” from the local, state, territorial, tribal, and federal agencies to promote NECP 1015
implementation through stakeholder engagements and public safety associations. The plan’s success relies on 1016
the whole community embracing the NECP goals and objectives, and most importantly acting on them. 1017
Measuring Progress 1018
The ability of responders to seamlessly communicate and share information to save lives and protect property 1019
is both the most important and challenging criteria by which to measure the NECP’s success. Given the 1020
multitude of public safety agencies across the Nation—and the large number of incidents to which they 1021
respond to daily—consistent evaluation of how well communications function during response operations is 1022
a major challenge that requires cooperation at all levels of government. 1023
OEC will assess progress in achieving the 2019 NECP goals and objectives using the following approach: 1024
Coordinate with the public safety community to share goals and objective to incorporate them into1025
emergency communications plans1026
Use the success indicators within each objective to determine progress towards the individual objectives1027
Assess the collective progress of objectives to indicate progress towards overarching goals using the next1028
statutorily required communications capabilities assessment in 20231029
41
Compare results from the 2018 Nationwide Communications Baseline Assessment to the next 1030
assessment, measuring progress against key gaps identified in the 2019 NECP 1031
Conduct a periodic collective assessment of 2019 NECP goals and the 2023 Nationwide1032
Communications Baseline Assessment to track progress towards the plan’s overall implementation1033
The 2019 NECP goals and objectives are designed to achieve the plan’s vision—enabling the emergency 1034
response community to communicate and share information securely across communications technologies in 1035
real-time, including all levels of government, jurisdictions, disciplines, organizations, and citizens impacted 1036
by any threats or hazards event. Progress toward achieving the NECP vision will be measured via the next 1037
Nationwide Communications Baseline Assessment. OEC conducts the assessment every five years to provide 1038
a national and statistically valid snapshot of public safety agencies’ emergency communications capabilities 1039
and their current use, and to identify gaps that remain for interoperability to be achieved. The results of the 1040
assessment gauge implementation of the NECP, as well as inform the development and update of the next 1041
iteration. 1042
Reporting 1043
In accordance with 6 U.S.C. § 573, DHS is required to develop and submit the Biennial Progress Report on 1044
Emergency Communications to Congress. It is the official reporting mechanism that highlights the 1045
Department’s specific accomplishments in carrying out its responsibilities under Title XVIII, as well as areas 1046
of progress, current gaps, and identified best practices for each element of the SAFECOM Interoperability 1047
Continuum and other critical areas identified by Congress. OEC will report progress on 2019 NECP 1048
implementation through the Biennial Progress Report. 1049
42
Conclusion 1050
Since 2008, tremendous progress has been made to enhance emergency responder 1051
communications capabilities. However, the Nation must build on previous 1052
successes and pursue opportunities for improvement. The 2019 NECP 1053
emphasizes the close collaboration by stakeholders to plan for and shape the 1054
future of emergency communications. The deployment of new technologies 1055
provides emergency responders access to high-speed and cutting-edge 1056
capabilities, while current emergency communications networks offer responders 1057
the security, reliability, and coverage they need to execute their mission in an all-1058
hazards environment. Striking the right balance between addressing existing gaps 1059
and requirements while also integrating new technologies is a significant 1060
challenge facing public safety organizations across all levels of government. 1061
To that end, the NECP sets forth six strategic goals to advance the capabilities needed for operational success 1062
in an increasingly dynamic and interconnected environment. The NECP establishes a series of targeted 1063
objectives that address each goal and collectively emphasize the maintenance and improvement of radio 1064
communications systems, integration of emerging IP-based technologies, and improved coordination among 1065
an expanding emergency response community. It also identifies success indicators as aspirations for 1066
stakeholders to achieve within their communities. For example, stakeholders will use the NECP to enhance 1067
and update the policies, governance structures, planning, and protocols that enable responders to 1068
communicate and share information under all circumstances. Ultimately, the intent of the NECP is to ensure 1069
the emergency response community drives toward a commonly defined end-state for communications. 1070
Moving forward, emergency response agencies will be making critical decisions regarding resources, 1071
personnel, and equipment to address the evolving operating environment. The guidance provided in this plan 1072
will help to advance their efforts. However, success of the NECP will require the support and dedication of 1073
the entire emergency communications community, including government agencies, nongovernmental 1074
organizations, and citizens. In order to realize the NECP’s vision, DHS will work diligently so our Nation’s 1075
emergency responders and supporting entities can fulfill their mission needs in a seamless and fully 1076
interoperable, next generation Emergency Communications Ecosystem. 1077
43
Annex I: Success Indicator Descriptions 1078
Goal 1 - Governance and leadership: Develop and maintain effective emergency 1079
communications governance and leadership across the Ecosystem 1080
Objective 1.1: Formalize governance through policy, documentation, and adequate funding 1081
Success Indicators 1082
States and territories create or revise policy and plans to formalize and fund emergency communications 1083
governance bodies, such as SIGBs 1084
Formal governance structures, such as Statewide Interoperability Governing Bodies (SIGBs), Statewide 1085
Interoperability Executive Committees (SIECs), and Statewide 911 Boards, provide a foundation for public 1086
safety entities to collaborate, plan, and make decisions on strategies and operations that mutually support the 1087
investment, sustainment, and advancement of communications-related initiatives. Establishing statewide 1088
governance or revising the functions of existing bodies through statutes or Executive Orders formalizes the 1089
group’s authority to make funding recommendations supported through the state’s general funds or federal 1090
grant allocations. Without formal authority, ad hoc governance structures are vulnerable to disruption and loss 1091
of institutional knowledge as their participation relies on volunteered time. 1092
Governance bodies develop and implement governing documents, such as charters or bylaws, to clarify 1093
roles, purpose, authority, and methods for adapting to change 1094
A charter or bylaws document formally authorizes the existence of the governing body and provides a 1095
reference source for the future. Charters clarify governance operations, providing details on how to align the 1096
group’s vision to a long-term strategy and their responsibilities for making decisions and implementing change. 1097
Additionally, effective charters clarify each participating organization’s role, defines administrative duties, and 1098
outlines the organizational structure and voting processes for decision-making in the group. The charter’s value 1099
increases when buy-in is sought and granted by members of the governance body, encouraging commitment to 1100
the group’s purpose and decision-making strategies, and language remains flexible for adapting its 1101
membership, structures, and processes to the evolution of emergency communications. 1102
States and territories provide funding, authority, and governance to support a full-time Statewide 1103
Interoperability Coordinators (SWIC) in each state or territory, such as the development of legislative 1104
language and mandates 1105
The SWIC’s primary function is to plan and implement the statewide interoperability program, guided by 1106
initiatives outlined in the NECP and the Statewide Communication Interoperability Plan (SCIP). As such, 1107
SWICs act as linchpins establishing and maintaining emergency communications governance and planning 1108
across each state or territory by bringing together stakeholders from a broad spectrum of public safety 1109
communications systems and services. As part of this effort, SWICs are responsible for the implementation of 1110
the SCIP, which establishes a vision for interoperability across the state. SWICs also execute the grant 1111
application process, coordinating decisions on communications investments funded through federal grants to 1112
ensure projects align with the SCIPs and are compatible with surrounding systems. 1113
1114
44
State and territory governance bodies prioritize communications needs and coordinate with the SWIC and 1115
other state-level planners on applications for federal financial assistance 1116
In accordance with the FY 2018 SAFECOM Guidance on Emergency Communications Grants, states and 1117
territories are encouraged to coordinate the SWIC and state-level planners (e.g., broadband and 911 planners, 1118
utilities commissions), as well as the State Administrative Agency (SAA), to ensure projects and investments 1119
align with statewide plans and technical compliance requirements. The SAA, or an equivalent role, administers 1120
all homeland security and emergency communications grant funding for the state and is a principal figure for 1121
ensuring regional project plans are developed and implemented in coordination with contiguous jurisdictions, 1122
mutual aid partners, and other relevant partner organizations, jurisdictions, and sectors. The SAA, in 1123
coordination with the SWIC, is also a good resource for assisting with the State Preparedness Report, regional 1124
and state strategic plans, and project alignment at the local level with the state’s long-term vision for 1125
interoperability. For instance, the SWIC may escalate policy and grant recommendations to the SAA for 1126
consideration by the Governor’s Office. 1127
Federal departments or agencies establish a federal interoperability office or designate a Federal 1128
Interoperability Coordinator 1129
Emergency communications responsibilities at the federal level are often scattered across bureaus, 1130
components, offices, and programs. Few departments or agencies have governance mechanisms to implement 1131
interoperability policies, decisions, and processes. A designated emergency communications interoperability 1132
office, coordinator, or committee improves information sharing activities, better informs decision-making, and 1133
provides a single point of coordination on interoperability issues for all partner agencies. This central authority 1134
leads initiatives across federal, state, local, tribal, and territorial partner agencies. 1135
Objective 1.2: Structure more inclusive governance by expanding membership composition 1136
Success Indicators 1137
Governance bodies identify and include missing or underrepresented partners (i.e., jurisdictions, tribes, 1138
sectors, organizations) in formal governance structures, when developing strategic and operational plans 1139
and policies, and during training and exercises 1140
Governance is only successful if those affected by emergency communications disruptions are involved in 1141
decision-making processes to prevent them. However, governance in many areas still only involves traditional 1142
disciplines or sectors and excludes those responsible for secondary or tertiary systems or response functions. 1143
Non-traditional organizations responsible for public safety, emergency communications, or emergency services 1144
responding to area-specific hazards (e.g., Forestry Services in rural California, terrorism task forces in large 1145
urban centers) bring unique perspectives and challenges on interoperability. Increased collaboration with a 1146
wider variety of organizations results in reciprocal benefits, such as a larger inventory of available resources 1147
and knowledge between rural and urban communities. Successful coordination requires planning discussions 1148
across these entities through governance and the involvement of potentially under-represented organizations or 1149
sectors when developing strategic, operational, and contingency plans. For instance, public safety agencies 1150
from state/territorial, local, and regional governments and governance bodies benefit from strengthening 1151
relationships and establishing formal mechanisms for achieving interoperability with tribes. Such formal 1152
mechanisms could include establishing legislation for tribal representation on working groups and committees 1153
or memoranda of understanding or agreement (MOUs/MOAs) to define how information, resources, and 1154
infrastructure may be shared. Involvement of tribal points of contact is necessary since tribes may also provide 1155
critical infrastructure support to surrounding jurisdictions or benefit directly from state/territorial, local, and 1156
regional infrastructure and emergency response capabilities. 1157
45
Governance bodies include information management, network infrastructure, and cybersecurity 1158
representatives through membership or formalized coordination 1159
Because of the increasing complexity of interconnected, Internet Protocol (IP)-based technologies and their 1160
integration into emergency communications systems, governance bodies and subgroups benefit from 1161
developing and implementing strategies, policies, and plans to assess, manage, and oversee the progression of 1162
risks and information management in the long term. Inviting information technology (IT) officers, such as the 1163
Chief Information Officer (CIO), to participate in emergency communications governance bodies increases IT 1164
services and public safety community end-user coordination. Additionally, establishing subcommittees related 1165
to new technologies, threats, and issues provides subject matter expertise when coordinating the integration of 1166
IP-based and advanced technologies. 1167
Governance bodies coordinate with elected officials to champion public safety communications priorities 1168
and lifecycle planning among decision makers 1169
Whether it be the elected official or a representative from his or her office, representation from these offices on 1170
formal public safety communications governance bodies allows those making fiscal and policy decisions to 1171
better understand priorities, take informed action, and advocate for resources. Formal collaboration provides 1172
elected officials and other decision makers greater access to and understanding of strategic plans and short- and 1173
long-term priorities, as well as the ability to contribute to the formation of solutions, and necessary support, for 1174
key priorities and challenges at state, local, tribal, and territorial levels. This approach emphasizes the need for 1175
direct discourse between public safety organizations and those forming policy to determine a tangible path 1176
toward interoperability resilience. 1177
Objective 1.3: Adopt adaptive governance strategies to address the rapid evolution of 1178
technologies, capabilities, and risks 1179
Success Indicators 1180
Governance bodies undertake technology integration & migration initiatives (e.g., broadband, 911, alerts 1181
and warnings, information management, network infrastructure, cybersecurity) to guide implementation by 1182
public safety 1183
As communications technologies converge, experts who oversee land mobile radio (LMR), broadband/long-1184
term evolution (LTE), 911/Next Generation 911 (NG911), alerts and warnings, IT and security, social media, 1185
and other systems and services, work in tandem to strengthen emergency communications capabilities. Due to 1186
the overlapping nature of their positions, clarifying individual roles, as well as dependencies and collaborative 1187
functions, is key to avoid duplication of efforts and ensure consistent and coordinated deployment of 1188
technologies across existing systems. This approach ensures individual system plans (e.g., statewide 911 plan, 1189
statewide cybersecurity strategy) align with the SCIP and overall strategies for achieving interoperability. 1190
Governance bodies identify and address legislative and regulatory issues associated with emerging 1191
technology 1192
Implementation of new and emerging technology requires awareness and compliance with certain legislative 1193
and regulatory constraints surrounding public safety. For example, the First Responder Network Authority 1194
(FirstNet) is required by statute to develop a national deployment plan for its Radio Access Network. However, 1195
it is important that governing bodies be aware of their own state’s legislature that either limits or enables 1196
implementation of the network and its technology. Periodic reviews of federal, state and local regulations 1197
affecting public safety and emergency communications technology inform governing bodies and public safety 1198
organizations of funding opportunities, as well as any possible restrictions in securing emerging technology. 1199
1200
46
Organizations supporting public safety communications formalize and regularly review cross-jurisdictional, 1201
multi-state, or multi-organizational agreements (e.g., MOUs, MOAs, mutual aid agreements [MAAs]) to 1202
account for changes to resources, capabilities, and information or technology sharing needs 1203
MOUs, MOAs, or MAAs minimize risks for the communities they serve by supplementing informal 1204
relationships between agencies, which are often limited in scope and duration. However, few public safety 1205
organizations work with their partner agencies to review and update emergency communications agreements 1206
on a regular basis. Written agreements, backed by formal governance, bring together multiple organizations 1207
and jurisdictions to establish common goals and objectives toward achieving operable and interoperable public 1208
safety communications. An MOU or MOA may also define party responsibilities for a shared system, provide 1209
its scope and authority, outline compliance issues, and even streamline processes for grant fund application or 1210
award. These agreements are most effective when reviewed regularly to account for changes to resources, 1211
capabilities, and information or technology sharing needs. 1212
The Emergency Communications Preparedness Center (ECPC) serves as a decision-making body guiding 1213
lessons learned, best practices, and partnerships for federal organizations implementing new capabilities 1214
Federal agencies with law enforcement and emergency response missions face ongoing challenges related to 1215
the integration of new capabilities into their operations. The ECPC plays a valuable role assisting agencies to 1216
navigate challenges and realize opportunities associated with transitions to new capabilities. Public safety 1217
organizations follow the ECPC to learn more about how to more effectively share information on pilot 1218
programs and lessons learned, coordinate investments and acquisition strategies, and share systems, where 1219
possible. 1220
Goal 2 - Planning and Procedures: Develop and update comprehensive 1221
emergency communications plans and procedures that address the evolution of risks, 1222
capabilities, and technologies across the Ecosystem 1223
Objective 2.1: Develop and regularly-update strategic plans to align with the NECP and 1224
address the integration of new emergency communications capabilities (i.e., voice, video, and 1225
data) 1226
Success Indicators 1227
Public safety organizations use strategic implementation plans (e.g., SCIPs, Regional Interoperability 1228
Communications Plans, NG911 Plans, Cybersecurity Plans) to measure progress against NECP objectives 1229
and any additional state or territory objectives, and update plans annually 1230
The SCIP is the primary strategic implementation plan for each state and territory, defining critical emergency 1231
communications capabilities and needs. The SCIP outlines recommendations from the public safety 1232
community on how to improve voice, video, and data communications across the state/territory through the 1233
development of vision and mission statements, milestones or activities to achieve specific goals, and a 1234
governance structure with specific roles and responsibilities assigned to those executing tasks in the plan. 1235
States and territories work with the SWIC to ensure investments support, and do not contradict, statewide 1236
plans, and align with the NECP goals and objectives. Since many federal emergency communications grants 1237
require recipients to align their projects to the SCIP and SCIP Annual Snapshot, public safety agencies benefit 1238
by contributing to the development or revision of SCIP content as it pertains to priorities across communities. 1239
An overarching statewide/territory-wide emergency communications plan helps states/territories align the 1240
efforts or its stakeholders and focus resources toward activities and investments that will have the broadest and 1241
most profound impacts. 1242
1243
47
Federal agencies or departments develop emergency communications strategic plans in coordination with 1244
the ECPC 1245
Given the rapidly evolving emergency communications and IT environment, it is critical federal departments 1246
and agencies plan for new investments, maintain and modernize legacy systems, and identify personnel and 1247
training needs to meet new challenges. Strategic plans and roadmaps enable an organization to document its 1248
vision for the benefit of staff and partner agencies, prioritize communications resources, strengthen governance 1249
structures, identify future communications investments, and resolve long-standing interoperability issues. 1250
While these plans often look different from agency to agency, the ECPC works with federal personnel to 1251
ensure they have the tools needed to develop, coordinate, and share strategic plans across the interagency 1252
community to identify opportunities for cooperation. 1253
Objective 2.2: Align emergency communications funding and investments with strategic and 1254
lifecycle planning 1255
Success Indicators 1256
Federal funding authorities develop federal grant guidance for emergency communications governance and 1257
investments consistent with guidelines provided by SAFECOM and the NECP 1258
Emergency communications guidelines, such as the NECP and SAFECOM Guidance on Emergency 1259
Communications Grants, are regularly updated to align with the newest emergency technologies and 1260
capabilities. In response, federal grant-making agencies, supporting emergency communications activities as 1261
an allowable cost, are encouraged to consistently update their federal grant guidance to accommodate these 1262
changes. Communicating and allowing grant applicants and recipients to fund the latest advancements in 1263
emergency communications technologies provide entities with the most up-to-date information to make sound, 1264
sustainable, and long-term investments in interoperability. 1265
Public safety organizations develop and use lifecycle plans to inform agency funding decisions and 1266
implement new technologies while maintaining necessary legacy and back-up systems 1267
Successful lifecycle plans take each phase of SAFECOM and NCSWIC’s lifecycle planning model into 1268
account and include input from project planners, decision-makers, and other stakeholder as necessary. The plan 1269
also consolidates assessments performed to determine need for equipment or system sustainment and upgrade, 1270
dividing a large communications initiative into smaller projects for funding and implementation in phases over 1271
time. Due to the potential longevity of these plans, content should be reviewed and updated regularly to reflect 1272
changes in project status for planning purposes. Project planners developing implementation portions of the 1273
lifecycle plan, including dates, milestones, roles and responsibilities, should refine content before and after the 1274
request for proposals process to ensure they are accurate and achievable. The DHS Lifecycle Planning Tool is 1275
available to help organizations structure and build major sections of their plan. 1276
Public safety organizations and governing bodies identify sustainable funding mechanisms to support the 1277
lifecycle planning model 1278
Public safety organizations use a variety of funding mechanisms and resources in their efforts to prioritize 1279
system sustainment and upgrade. As detailed in the 2018 SAFECOM and NCSWIC Funding Mechanisms for 1280
Public Safety Communications Systems, examples of alternatives to grant funds include bonds, public-private 1281
partnerships, user fees, 911 surcharges, traffic ticket and vehicle surcharges, leasing equipment and 1282
infrastructure from public and private entities, grants, and other unique streams. The Emergency 1283
Communications System Lifecycle Planning Guide also describes the lifecycle planning model and provides 1284
strategies for funding system purchase, maintenance, and upgrade. 1285
1286
48
Objective 2.3: Incorporate risk management strategies to protect against and mitigate 1287
disruptions to mission critical communications 1288
Success Indicators 1289
Local public safety organizations work with state agencies to evaluate emergency communications threats, 1290
hazards, and needs in formal capability reporting mechanisms (e.g. THIRA, SPR) 1291
The DHS Threat and Hazard Identification and Risk Assessment (THIRA) and Stakeholder Preparedness 1292
Review (SPR) are helpful when conducting state-level, emergency communications capability evaluations. All 1293
types of communities participate in these interconnected processes to evaluate community preparedness. Local 1294
and state decisions makers and SWICs should apply information within these assessments to direct funding and 1295
sustainment resources to new and legacy emergency communications systems. 1296
Public safety organizations incorporate risk management strategies into plans for continuity and recovery of 1297
critical communications 1298
Determining and testing strategies to increase the resiliency of public safety networks and the personnel who 1299
run them help to prevent catastrophic loss of critical communications to end-users during emergencies or 1300
disasters. Despite its importance, however, less than half of public safety organizations build processes into 1301
their plans to ensure continuity during out-of-the-ordinary emergencies or disasters. Continuity portions of 1302
plans identify minimum communications requirements to perform essential functions and alternate equipment 1303
and systems, staff and their responsibilities, and facilities or base locations. From a purely network resiliency 1304
perspective, three key elements to consider when planning include route diversity, or routing between two 1305
points over one geographic or physical path with no common points; redundancy, when additional or duplicate 1306
communications assets share the load or provide back-up to the primary asset; and protective and restorative 1307
measures to decrease the likelihood a threat will affect a network and the latter which enables rapid 1308
reestablishment of services if disabled or destroyed, such as through OEC’s Telecommunications Service 1309
Priority (TSP). Additionally, continuity of operations plans may provide details on pre-operational and 1310
operational procedures to protect assets, secure information, and backup systems; recovery procedures, 1311
including identification of alternative communications systems available but not used during day-to-day 1312
operations (e.g., satellite); details on communications response and recovery teams; cross-training 1313
opportunities to address potential personnel shortages; communications unit leader training; emergency and 1314
service provider contact lists; and procedures for accessing priority services programs (i.e., TSP, Government 1315
Emergency Telecommunications Service, Wireless Priority Service). 1316
Public safety organizations that use information technology have a cybersecurity incident response plan in 1317
place 1318
Incident Response Teams (IRTs), incident response plans, recovery or resiliency plans, and continuity of 1319
operations plans are useful in cybersecurity incident response. IT administrators may consider establishing a 1320
Computer Security Incident Response Team (CSIRT) or reach an agreement with the U.S. Computer 1321
Emergency Readiness Team (US-CERT) US-CERT, run by DHS National Cybersecurity and Communications 1322
Integration Center (NCCIC), to assist in cybersecurity planning. A CSIRT serves as a centralized authority to 1323
report and analyze security issues within an organization. A CSIRT may also recommend potential solutions to 1324
the threats and publicize known threats, vulnerabilities, and solutions generally or to a specific information-1325
sharing community. The CSIRT works with hardware and software vendors to obtain information about 1326
vulnerabilities and potential solutions. Additionally, coordinating response and recovery efforts with the SWIC 1327
and other IT administrators can increase cybersecurity posture. 1328
Public safety organizations perform resiliency assessments and mitigate vulnerabilities 1329
According to the 2018 Nationwide Communications Baseline Assessment, poor coverage and 1330
system/equipment failure were some of the most common technical factors impacting public safety’s ability to 1331
communicate. Communications continuity is a network’s ability to withstand physical and cyber damage, 1332
49
thereby minimizing the likelihood of a service outage. Three key elements ensure continuity: route diversity, 1333
redundancy, and protective/restorative measures. Performing physical and cyber resiliency assessments can 1334
assist an organization in ensuring continuity of service in the event of an emergency, justifying network 1335
operations and improvement funding requests, increasing organizational control, and prioritizing areas for 1336
network improvement. More information can be found in the Public Safety Network Communications 1337
Resiliency Self-Assessment Guidebook and Public Safety Communications Resiliency: Resiliency Ten Keys to 1338
Obtaining a Resilient Local Access Network. In addition, radio frequency (RF) best practice implementation 1339
plays a critical role throughout the life cycle of a system. RF coverage testing and analysis should be used to 1340
define and refine system coverage requirements, supplement baseline coverage studies, provide supplemental 1341
information related to Coverage Acceptance Testing, provide in-building coverage measurement including 1342
assistance in locating interfering signals, and assist with system optimization as well as ongoing maintenance. 1343
RF interference must also be considered. The SAFECOM/NCSWIC RF Interference Guidebook describes how 1344
RFI can disrupt a variety of mission critical public safety communications (e.g., GPS, cellular/broadband data 1345
communications, unmanned aerial vehicle [UAV] or drone communications, voice over radio communications) 1346
and how to identify, respond to, resolve, and become more resilient to the impacts of RF interference. 1347
Resiliency assessments should account for the entire system lifecycle, including testing and maintenance. 1348
Goal 3 – Training, Exercises, and Evaluations: Develop and deliver training, 1349
exercise, and evaluation programs that target gaps in all available emergency 1350
communications technologies 1351
Objective 3.1: Update and implement training and exercise programs to address gaps in 1352
emergency communications 1353
Success Indicators 1354
Public safety organizations develop or update training and exercise programs to address new technologies, 1355
data interoperability, cybersecurity, use of federal and national interoperability channels, and continuity of 1356
communications 1357
The development of standardized communications-focused objectives and evaluation criteria for training and 1358
exercise programs require thorough understanding of existing gaps across levels of government. The 2018 1359
Nationwide Communications Baseline Assessment identified several issues that should be included in training 1360
and exercise programs, such as integrating existing systems with IP-based technologies and services; 1361
establishing processes for data management and exchange; addressing cybersecurity and other risks; increasing 1362
proficiency in end-users ability to program and use federal and national interoperability channels; and 1363
maintaining mission critical communications during disruptions in operations. Updated training and exercise 1364
programs addressing these topics improve the public safety community’s ability to increase capacity and build 1365
on existing capabilities. 1366
Public safety organizations offer training classes and exercises across multiple agencies & jurisdictions 1367
whenever possible 1368
Training and exercise programs help identify and mitigate communications challenges, but only if these 1369
programs tackle interoperability across the emergency communications ecosystem. Comprehensive programs 1370
address technology, process, and human factors related to interoperability; not only an agency’s or 1371
entity’s systems but those of partners, with a focus on where those systems intersect. The capability gaps 1372
and interoperability challenges faced by the ecosystem can be incorporated into objectives, injects, and 1373
scenarios. Where possible, partners from across the entire ecosystem should be invited to attend as participants, 1374
staff, or observers. Serving as evaluation staff is a good way for partners to enhance each other’s 1375
programs. . Reliability of evaluations increases when third parties observe, document, and report on 1376
outcomes. In return, evaluators are introduced to new processes, technologies, and best practices that they 1377
can take back to their home jurisdiction, region, or Tribe. 1378
50
Public safety organizations coordinate training and technical assistance across the Government (as 1379
applicable) to ensure current and consistent information 1380
The OEC Regional Coordination and Technical Assistance Programs work with the public safety community 1381
to ensure training and technical assistance remain viable and current. SWICs have an understanding of training 1382
and technical assistance requirements within states and territories. SWICs also assist local, tribal, and 1383
individual organizations to participate in training and technical assistance opportunities. Where training 1384
requirements cannot be fulfilled with in-state resources, SWICs coordinate and identify training resources with 1385
the state training authority (e.g., the State Training Officer). Participation in regional and nationwide public 1386
safety groups and associations allows emergency communicators to ensure their organizations have current 1387
information regarding trainings and technical assistance offerings. 1388
Public safety organizations include injects in exercises to test communications system and personnel 1389
(including emerging technology and system failure) and utilize third-party evaluators with communications 1390
expertise 1391
The public safety community reported the need for third-party or peer evaluators during exercises. Self-1392
evaluations may be influenced by bias resulting in non-credible or false performance data. Given the proper 1393
tools, such as quality exercise evaluation guides (EEGs), any facilitator can accurately observe, appraise, and 1394
document the performance of tasks and activities that compose a capability. At the same time, independent 1395
third-party evaluators, with no connection to the players or their agencies, offer an additional level of objective 1396
evaluation. Partnering agencies that support each other with trainers, exercise controllers, and evaluators 1397
benefit from these cross-agency interactions; leading to improved trainings, exercises, and capabilities on all 1398
sides. Written agreements as to who shoulders costs related to these shared resources are beneficial to support 1399
continued use of third party evaluators, controller, and trainers. 1400
Public safety organizations integrate private sector, non-government organization (NGO), and public- 1401
sector communications stakeholders into training and exercises 1402
Training with organizations from a broader range of disciplines and levels of government enhances 1403
interoperability, and by extension, preparation for events that involve numerous agencies. Currently, only 7 1404
percent of public safety organizations report training with NGOs and private-sector entities. In contrast, 23 1405
percent report not training with any other types of organizations, with the rest of organizations falling 1406
somewhere in between these extremes. NGOs and private sector entities operate critical infrastructure that 1407
provides or supports emergency communications including operations centers, towers, generators, repeaters, 1408
and vehicles. Many NGOs and private sector entities also maintain communications capabilities for day-to-day 1409
safety and security operations, as well as responses to out-of-the-ordinary events. In some cases, NGOs such as 1410
the American Red Cross, engage in day-to-day incident response that necessitates employing emergency 1411
communications technologies. Similarly, other supporting entities such as health and transportation agencies, 1412
routinely use voice and data capabilities to dispatch and communicate with personnel in the field. These 1413
entities may need to interoperate with public safety organizations during out-of-the-ordinary events to 1414
coordinate the deployment of resources and ensure their safety. Effective coordination among public safety 1415
organizations, NGOs, private sector, and supporting entities require resource sharing agreements and benefit 1416
from participation in joint training, exercises, and planned events, such as parades and communications rallies. 1417
The ECPC analyzes gaps and identifies opportunities for federal interagency training and exercise 1418
programs 1419
Due to the Federal Government’s involvement in large-scale emergency preparedness and response, federal 1420
agencies manage, offer, and participate in an array of training and exercise programs aimed at improving the 1421
operability, interoperability, continuity, and security of communications capabilities. The ECPC is well-1422
positioned to analyze mutual capability gaps, develop common objectives, identify opportunities for joint 1423
trainings and exercises, and centrally track interagency progress. 1424
51
Objective 3.2: Incorporate human factors in training and exercises to address the demands 1425
that voice, data, and video information place on personnel 1426
Success Indicators 1427
Public safety organizations implementing NG911 utilize training and tools to address the impact of incident 1428
images/videos on dispatcher 1429
New technologies bring responders not on-scene even closer to the impacts of a threat or hazard through 1430
photos, videos, and live streaming as events unfold. Public safety agencies will benefit from incorporating 1431
modules demonstrating techniques to combat “compassion fatigue” or “vicarious trauma” into trainings and 1432
building opportunities to practice those methods into exercises. Trainings and tools to develop “emotional 1433
intelligence” and peer support mechanisms can be added to programs. In many cases, introduction to these 1434
concepts can be delivered through internet-based learning applications that apply distance learning techniques 1435
and can be viewed at the convenience of the responder. Effective tools and trainings address these mental 1436
health issues before exposure and following traumatic events. 1437
Public safety organizations implementing mobile data applications utilize training and tools to ensure that 1438
responders effectively use and are not overloaded by available information 1439
New technologies being integrated into public safety communications are changing the nature of the jobs 1440
performed both in the field and at facilities such as PSAPs and EOCs. Information flow, volume, and sources 1441
of data are all evolving, so training programs need to address the use of new technologies and the impact of 1442
change on responders and the work they do. For example, video messaging changes the interaction of a 1443
dispatcher with a caller from a voice interaction to a face-to-face interaction. Physical reactions of the 1444
dispatcher such as facial expressions are no longer hidden from the distressed caller, necessitating a new set of 1445
skills and coping mechanisms for the dispatcher. In the field, body-worn cameras are another change for 1446
responders where training is necessary. Administratively, the changes that come with new technologies may 1447
require trainings for new approaches to screening and interviewing new applicants and during performance 1448
reviews. To ensure effective use of all available technologies when a responder is under the most stress, 1449
progressive training and exercise programs can be designed to build from previous lessons, adding new 1450
objectives along the way. Progressive training and exercises not only build upon each other, they also increase 1451
repetition of use to develop “muscle memory,” leading to the likelihood of available technologies being used 1452
appropriately and effectively during all events and incidents. 1453
Objective 3.3: Ensure that NIMS training addresses information sharing (i.e., voice, video, 1454
data) for multi-agency responses 1455
Success Indicators 1456
States, territories, and tribal nations implement programs (based on best practices) to oversee the 1457
qualification, training, certification, recognition, activation, and currency of communications support 1458
personnel 1459
A designated point of authority to oversee the qualification, training, certification, recognition, activation, and 1460
currency of ESF-2 and Communications Unit personnel, greatly improves the awareness, use, and tracking of 1461
trained personnel for response operations. Managing the tracking aspects of qualification, training, 1462
certification, recognition, and activation of communications support personnel is frequently overlooked. When 1463
training programs lack a proper tracking system for ensuring compliance of personnel, it creates confusion 1464
about overall readiness status, i.e., which personnel are active and ready for deployment. 1465
52
States, territories, and tribal nations develop and support instructor cadres to expand training for 1466
communications support personnel 1467
During emergencies and planned events, ESF-2 and communications support personnel are typically required. 1468
In order to meet demand, there needs to be adequate training available to allow new personnel to be trained and 1469
for existing personnel to renew their qualifications, certifications, and credentialing. Increased support for 1470
communications instructor cadres will ensure communications support programs have a sufficient number of 1471
accredited personnel at all times. 1472
SAFECOM and the NCSWIC develop training curriculums for additional positions within the Information 1473
Technology Service Unit 1474
Incident AARs regularly document communications and information management challenges. Additionally, 1475
providing data connectivity at most incidents is common place; however, there is no specific person or place 1476
within ICS responsible for providing such personnel or resources. To simultaneously establish positive radio 1477
communications and network connectivity to manage the demand for digital information in multiple forms, 1478
new positions and requisite curriculums are needed to support communications during all-hazards planned 1479
events and unplanned incidents. 1480
Goal 4 – Communications Coordination: Improve effective coordination of 1481
available operable and interoperable public safety communications capabilities for 1482
incidents and planned events 1483
Objective 4.1: Confirm the implementation and active use of the NIMS doctrine 1484
Success Indicators 1485
Public safety organizations possess primary, secondary, and backup communications capabilities aligned 1486
with NIMS and ICS and share appropriate forms (e.g., ICS 205) illustrating the status of an agency’s 1487
capabilities 1488
As public safety organizations maintain, implement, upgrade, or replace existing communications capabilities, 1489
those capabilities should reflect an alignment with NIMS and ICS doctrine to ensure available fielded 1490
capabilities are sufficient to support primary, secondary, and backup communications services required by 1491
planned events and incident responses. 1492
As the scope of a reported incident becomes known, the communications capabilities required to coordinate the 1493
incident activities, like all other response attributes must scale appropriately to meet the on-scene 1494
communications needs while preserving enough capability and capacity for normal operations within the 1495
incident jurisdiction. Public safety organizations and discipline specific communications requirements based 1496
upon the initial report of the incident type may alter established pre-plans and the normally or commonly used 1497
communications pathways. The evolving nature of a no-notice incident or damage to primary, secondary, or 1498
backup communications capabilities may alter the predetermined use of specific capabilities at an incident 1499
scene. As the initial units arrive, communications play a pivotal role in the confirmation and determination of 1500
the type of incident, its scope, and the requirements for additional public safety resources. Depending upon 1501
initial observations and determinations, coupled with additional incoming information to Public Safety 1502
Answering Points (PSAP) and Public Safety Communications Centers (PSCC), various communications 1503
resources may be pressed into service to support an evolving incident. Depending upon the incident size, 1504
scope, location, and evolution progress, the Incident Commander (IC) or Incident Management Team (IMT) 1505
should remain well-informed about the status of all available operable and interoperable communications 1506
capabilities, information that is easily obtained through sharing appropriate ICS form(s). 1507
53
Public safety organizations assess and improve the timeliness of notification, activation, and response of 1508
communications systems providers to support the IC and IMT requirements at incidents and planned events 1509
Public safety organizations’ incident response evolves through necessity to respond quicker with more 1510
appropriate resources to stabilize major incidents, remove threats, and provide expedient aid more effectively. 1511
Anecdotal trends indicate that public safety organizations, of all disciplines, are committing larger 1512
complements of resources during initial responses to reported critical incidents based upon better information 1513
gathering from various reporting sources. These heightened responses require more and better pre-planning 1514
with competent and experienced IC and IMT personnel supported by communications systems providers and 1515
augmented by coordinated, robust, flexible, and resilient voice and data communications capabilities to 1516
effectively address incidents and planned events of all types and sizes. Recognizing the importance of the 1517
inclusion of communications systems providers, public safety organizations and IC/IMT personnel must be 1518
cognizant and comfortable of the expected timelines to acquire support of communications systems providers. 1519
Equally important, the criteria for event planning is also evolving to ensure that public safety organizations 1520
effectively plan for contingencies where a planned event evolves into a critical incident. It is incumbent upon 1521
public safety organizations to ensure sufficient primary, secondary, and backup communications capabilities 1522
are available to scale quickly to effectively support and facilitate the transition of a planned event to a critical 1523
incident. 1524
As the complexity of communications systems increase due to the unrelenting pace of technological advances, 1525
it is incumbent upon public safety organizations to improve the inclusiveness of their communications systems 1526
providers to offer necessary technical assistance and advice to improve coordination and planning for planned 1527
events and incident response activities. Regardless whether public safety organizations’ communications 1528
systems providers are internal, external, or both, the expertise, knowledge, information, and access to 1529
additional communications resources can be the difference between a successful or failed incident response. 1530
The following are activities recommended to achieve this objective. 1531
Objective 4.2: Enhance coordination and effective usage of public safety communications 1532
resources at all levels of government 1533
Success Indicators 1534
Public safety organizations maintain and readily share comprehensive information about features, 1535
functionality, and capabilities of operable and interoperable communication resources 1536
The ability for public safety organizations at all levels of government and in every discipline to effectively 1537
communicate is crucial when delivering critical, lifesaving services. In order to coordinate various 1538
communications tools, knowing the availability and current state of all operable and interoperable assets is 1539
critical. At a minimum, all public safety organizations need to share current communications systems 1540
information with contiguous public safety agencies and other organizations who may provide or receive 1541
automatic aid, mutual aid, or share infrastructure or resources or participate in planned events. This sharing of 1542
active, available features, functionality, and capabilities of current communications capabilities can expedite 1543
communications coordination for both incidents and planned events. 1544
Public safety organizations use up-to-date defined practices, procedures, pre-plans, specific venue/location 1545
response plans, incident type response plans, SOPs, tactical response directives, and/or tactical 1546
interoperability communications plans (TICPs) that identify primary, secondary, and backup LMR assets, 1547
mobile data systems, devices, and relevant applications for effective communications coordination and 1548
information sharing during planned events and incidents 1549
Public safety organizations of various disciplines use a variety of practices, defined plans, and procedures to 1550
delineate voice and data communications capabilities available for incident and event communications 1551
coordination. These practices, plans, and procedures, and the accuracy and completeness of the information 1552
therein, can vary widely depending upon the involved agencies’ size, location, sophistication, and established 1553
54
cooperation with other contiguous or non-contiguous agencies. As the scope of an evolving incident increases 1554
or a planned event requires communications assets and personnel from greater distances, incident commanders 1555
and communications providers must continually assess the best communications capabilities to incorporate in 1556
the incident management plan(s) or planned event criteria. The doctrine can be essential in completing 1557
necessary ICS forms that effectively communicate the categories, types and availability of primary, secondary, 1558
and backup communication capabilities available. 1559
Public safety organizations periodically evaluate, engage, and incorporate commercial and non-traditional 1560
communications partners (e.g., auxiliary communications, volunteers, utilities) in incidents and planned 1561
events 1562
As an enhancement to communications coordination public safety organizations should evaluate existing 1563
communications policy, plans, agreements, and current systems and capabilities usage to determine appropriate 1564
inclusion of commercial and non-traditional communications partners and providers. Through this assessment, 1565
public safety organizations determine opportunities for improvements to communications coordination 1566
available through these entities. Moreover, these commercial and non-traditional partners and providers should 1567
be included in event and incident planning functions so that their resources are readily engaged when needed. 1568
Objective 4.3: Develop or update operational protocols and procedures to support 1569
interoperability across new technologies 1570
Success Indicators 1571
Public safety organizations develop and regularly-update NIMS-aligned SOPs to facilitate the integration, 1572
deployment, and use of communications assets 1573
As of 2018, a significant percentage of public safety agencies, nearly 25 percent, lacked SOPs on emergency 1574
communications, and very few of those focused on emergency communications topics. As noted in the 2018 1575
Nationwide Communications Baseline Assessment findings, few agencies have developed interoperability 1576
policies for emerging communications technologies—only 20 percent of SOPs cover NG911; 18 percent cover 1577
broadband; 18 percent cover priority services; and 16 percent cover cybersecurity. Clear and effective SOPs 1578
enable emergency communications personnel from across the Ecosystem to successfully coordinate for 1579
planned events and unplanned incidents. Additionally, SOPs with mission- or capability-specific roles require 1580
coordination across agencies to standardize procedures in the event of an incident requiring cross-jurisdictional 1581
response. 1582
NIMS includes communications tactical requirements and resources in the incident action plan (IAP). Incident 1583
Command System (ICS) Form 205 serves as the tool to ensure incident responders have the necessary 1584
resources, including equipment, frequencies, and other assets that may be in short supply during a large-scale 1585
event. While completing ICS Form 205 is important, sharing the IAP, which includes Form 205, is imperative 1586
to ensure communications are interoperable and resources align to objectives. When an event is planned or 1587
slow forming, agencies share IAPs ahead of time so that adjustments can be made in a timely manner. Even 1588
when operational periods are short and IAPs are produced quickly, planning personnel must work with 1589
Communications Unit personnel to ensure resources are distributed appropriately and all section chiefs ensure 1590
the IAP is shared with incident responders. Incident commanders and section chiefs promote the need for 1591
communications planning at the tactical level. 1592
Public safety organizations have recommended guidelines developed on the use of personal devices (e.g. , 1593
bring your own device [BYOD]) based on applicable laws and regulations 1594
The proliferation of personal mobile devices and implementation of network policies, such as BYOD, require 1595
strong authentication, data encryption and consistent policies and configuration guidance in order for 1596
organizations to remain secure and interoperable. Public safety organizations should create and enforce mobile 1597
device policies regarding accreditation, acquisition, provisioning, configuration, use of encryption, monitoring, 1598
control, service management, security management, expense management, customer care, retirement and reuse 1599
55
of mobile devices. In addition, public safety organizations should consider the use of mobile device 1600
management (MDM) solutions that address configuration management, software patches, audio/video 1601
permissions, device-level intrusion detection and prevention, and digital asset management systems, such as a 1602
“sandbox” or “virtual desktop”. Working with vendors to develop mission-related use cases and requirements 1603
to inform comprehensive MDM solutions can also improve implementation of these solutions. DHS’ Mobile 1604
Device Adoption Best Practices Guide provides introductory best practices when considering mobile device 1605
use, though organizational-level guidance should be in compliance with applicable laws and regulations. 1606
Public safety organizations leverage training, exercises, and real-world events to test capabilities and update 1607
SOPs 1608
Real-world events, whether planned or unplanned, provide opportunities to translate SOPs from policy to 1609
practice and test their aptitude for establishing and maintaining communications during an emergency or 1610
disaster event. For instance, multi-organizational communications planning bodies benefit from developing 1611
documentation prior to planned events to capture the operationalization of emergency communications 1612
systems. These efforts include clarifying roles, sharing applications, developing channel plans, collecting and 1613
processing historical information and institutional knowledge, and establishing coordination processes for 1614
interoperable talkgroups and sharing assets. Processes developed to test the use of existing or new technologies 1615
may be exercised during scenarios, leading to SOP resolution prior to real events. Agencies develop after-1616
action reports (AARs) following events to assist with defining gaps or missing information resolved through 1617
the development or revision of SOPs. 1618
Public safety organizations periodically review the priority service programs (e.g., 1619
Telecommunications Service Priority, Government Emergency Telecommunications Service, and 1620
Wireless Priority Service) to which they subscribe and ensure they have SOPs governing the 1621
programs’ use, execution, and testing 1622
Telecommunications Service (GETS) provides emergency access and priority processing on the local and 1623
long-distance portions of the Public Switched Telephone Network (PSTN). The Wireless Priority Service 1624
(WPS) gives Federal, State, local, and critical infrastructure personnel priority access calling on cellular 1625
networks for NS/EP purposes during times of high network congestion. The Telecommunications Service 1626
Priority (TSP) Program managed by Priority Telecommunications Service gives NS/EP users priority 1627
processing of their telecommunications service requests in the event of service disruption. 1628
Public safety organizations periodically test the proficiency of personnel in using communications systems’ 1629
features, functions, and capabilities 1630
Public safety organizations establish a repeatable process to periodically observe and record the proficiency of 1631
users of primary, secondary, and backup communications systems. This includes an end-user’s ability to 1632
properly access, navigate, manipulate, and use available features, functions, and capabilities of their 1633
communications devices and equipment. Observations that illustrate a lack of proficiency, established by set 1634
minimum standards, in the use of communications capabilities drive appropriate recommendations for 1635
modifications and expansion of user instructional documentation, informal and formal trainings, drills, 1636
exercises, and SOPs. 1637
Objective 4.4: Strengthen resilience and continuity of communications throughout operations 1638
Success Indicators 1639
Public safety organizations establish sufficient testing and usage observations of all operable and 1640
interoperable primary, secondary, and backup communications systems 1641
It is important for public safety organizations establish a repetitive periodic testing procedure for all operable 1642
and interoperable communications resources (e.g., primary, secondary, and backup) to confirm highest 1643
availability and readiness of those resources. For primary systems, usage observations in lieu of testing are 1644
56
sufficient to ensure the highest degree of availability. Processes to ensure proper notification procedures need 1645
to be established to alert communications systems providers for timely repair responses and end-users of any 1646
failures or unavailability of a communications feature, function, or capability. 1647
PSAPs, PSCCs, and Emergency Operations Centers (EOCs) address systems and staffing to support 1648
communications continuity of operations planning 1649
As part of continuity of operations planning, PSAPs, PSCCs, and EOCs should address staffing requirements 1650
and technical resources to support their ability to maintain communications and functions during incidents. 1651
This includes succession as well as backup procedures for major systems, such as computer-aided dispatch, 1652
radio, and power supply. In addition, PSAPs, PSCCs, and EOCs continuity of operations planning should 1653
incorporate relevant capabilities and assets, such as the Telecommunicator Emergency Response Task Forces 1654
initiative. Telecommunicator Emergency Response Task Forces can help states develop programs to train 1655
teams that can be quickly mobilized and deployed to assist communications centers in the aftermath of 1656
disasters. These efforts can strengthen centers’ ability to maintain continuity as the public’s main point of 1657
contact during crises, while also serving as key coordinators of emergency management activities by 1658
dispatching information to responders. 1659
SAFECOM and the NCSWIC develop best practices to encourage active network sharing and 1660
regionalization of shared services 1661
SAFECOM and the NCSWIC’s Shared Systems Project focuses on creating the plans, processes, and 1662
structures to enhance LMR operability, interoperability, security, and continuity throughout the Nation. 1663
Benefits of network sharing include improved spectrum use, optimization of resources, positive environmental 1664
impacts, a decrease in duplicate investment, reduction of capital and operational expenditure, streamlined 1665
interagency operations, enhanced operational coordination, and economies of scale for subscriber units. 1666
Goal 5 – Technology and Infrastructure: Improve lifecycle management of the 1667
systems and equipment that enable emergency responders and public safety officials 1668
to share information efficiently and securely 1669
Objective 5.1: Support public safety requirements that drive research, development, testing, 1670
and evaluation of emergency communications technology 1671
Success Indicators 1672
SAFECOM and the NCSWIC identify public safety technology and infrastructure capability gaps 1673
Public safety communications benefit from a validated national perspective on capability gaps. SAFECOM and 1674
the NCSWIC identify capability gaps that impact the operability, interoperability, and security of public safety 1675
communications. SAFECOM and the NCSWIC provides the capability gaps to ECPC, which address how they 1676
can be met through existing technology, technological research and development, and/or marketplace 1677
innovation. SAFECOM and the NCSWIC will ensure capability gaps collected are also addressed through 1678
governance, standard operating procedures, training and exercise guidance and advancements. 1679
The ECPC coordinates federal research, development, testing, and evaluation priorities and processes 1680
With organizations often facing common technology challenges, the ECPC can help coordinate these activities 1681
by maintaining a database of research and development (R&D) projects on its Federal Emergency 1682
Communications R&D Portal, through conducting joint initiatives and assessments, and by driving multi-1683
agency participation in testing programs. ECPC coordinates with: 1684
Research centers and laboratories that develop and test new communications technologies. 1685
Organizations conducting R&D to address DHS Component requirements and that partner with other 1686
public safety organizations to extend this research to meet their needs. 1687
57
Programs that evaluate the reliability and effectiveness of commercially developed solutions for public 1688
safety use. 1689
A coordination point for research, development, testing, and evaluation efforts can prioritize activities that pose 1690
the greatest operational benefit to public safety, increase return on investment, and reduce time to market. 1691
The ECPC cultivates sustained engagement (e.g., conferences, summits, cooperative agreements) 1692
between federal research, development, testing and evaluation programs, such as DHS Science and 1693
Technology Directorate and the National Institute of Standards and Technology (NIST) Public Safety 1694
Communications Research Division (PSCR), and public safety organizations focused on resiliency, 1695
interoperability, and other challenges 1696
With limited resources, local, state, territorial, and tribal organizations are often limited in their ability to 1697
develop new technologies. Through its laboratories and testing environments, the Federal Government plays a 1698
leading role in helping to research, develop, test, and evaluate communications technology for the entire public 1699
safety community. Engagement will include greater collaboration between ECPC Working Groups and the 1700
SAFECOM Technology Policy Committee to ensure that federal programs are meeting and reflecting a broad 1701
cross-section of stakeholder concerns. Also, ECPC will encourage federal programs to regularly engage 1702
through conferences, summits, pilot projects and cooperative agreements, such as that performed by 1703
organizations such as DHS Science and Technology Directorate and NIST PSCR. The ECPC may also have 1704
increased cross collaboration with PSCR on initiatives related to resiliency and capacity building to further 1705
identify critical communications technology gaps. Increased ECPC interaction with industry and stakeholders 1706
(e.g., communications and IT sector-specific councils and information sharing and analysis centers [ISAC], 1707
cross collaboration with SAFECOM) will help to identify key focus areas. Sustained engagement allows for 1708
strategic technology partnerships that meet public safety capability gaps for the entire community. 1709
The ECPC partners with the private sector to cultivate an open, innovative, and standards-based 1710
commercial marketplace for solutions development and ensure that public safety requirements are 1711
addressed in current and emerging standards 1712
While direct federal investment in research and development is important to technology development, private 1713
industry plays a critical role by innovating and developing systems, devices, and applications for the public 1714
safety market. Including private industry is essential to the success of any strategy for coordinating the 1715
direction of research and development into new capabilities, and public safety organizations have several 1716
opportunities to ensure that the commercial public safety communications market is open, transparent, and 1717
informed on the priorities of public safety customers. Federal testing facilities can provide a controlled 1718
environment for industry engineers and public safety representatives to evaluate the performance of their 1719
solutions against public safety standards. Compliance certification programs can provide industry with an 1720
opportunity to demonstrate the compliance of new devices and applications with critical technology standards 1721
for public safety voice, and data systems, and provide public safety agencies with transparent documentation 1722
that standards are fully supported before they engage with vendors. Federal agencies can help coordinate 1723
industry engagement by funding pilot programs for new commercial systems, devices, and applications that 1724
target the priorities of the public safety community and ensuring that the findings of those pilot programs are 1725
disseminated openly and transparently to public safety stakeholders. Federal departments and organizations 1726
and communications service providers can partner to ensure that priority service offerings keep pace with 1727
commercial deployment of IP networks, including 5G technologies. Public safety organizations can collaborate 1728
with standards development organizations to ensure requirements are incorporated into emerging 1729
technology―greatly reducing future costs and re-engineering challenges. 1730
58
Objective 5.2: Ensure communications and information sharing systems meet public safety’s 1731
mission critical needs 1732
Success Indicators 1733
SAFECOM and the NCSWIC communicate emerging technology impacts to public safety, such as those 1734
associated with identity management, multimedia, 5G, Internet of Things (IoT), social media, network 1735
virtualization, spectrum optimization, artificial intelligence, machine intelligence, geographic information 1736
systems, and positioning, navigation, and timing systems 1737
The results of research, development, testing, evaluation, standards development, and early adoption of 1738
emerging technology must be communicated to the broader public safety community in plain language. 1739
SAFECOM and the NCSWIC best practices and educational guidance allow the community to harness 1740
emerging technology benefits, while also preempting or mitigating the risks associated with wide-scale 1741
deployment. 1742
SAFECOM and the NCSWIC guide standards-based LMR evolution 1743
The Project 25 (P25) suite of standards for LMR support interoperability and communications continuity for 1744
the public safety community. SAFECOM and the NCSWIC continues to encourage organizations purchasing 1745
P25 communications equipment to use the resources made available by P25 Compliance Assessment Program 1746
and continue to support P25 standards development for interoperability. DHS, as the senior federal partner in 1747
the P25 standards development process and the chair of the P25 Steering Committee continues to help drive 1748
interoperability testing, the addition of enhanced security features, and support for future communications 1749
capabilities such as P25 to LTE interfaces. 1750
The FirstNet Authority innovates and integrates broadband technology into the Nation’s public safety 1751
communications infrastructure 1752
The FirstNet Authority has responsibility to ensure the successful deployment, operation, improvement, and 1753
financial sustainability of the nationwide broadband communications platform. The FirstNet Authority is also 1754
responsible for the advancement or enhancement of public safety communications through standards-based 1755
technology delivery, innovation and participation in standards-bodies related to emergency services and 1756
interoperability. 1757
To support this work, the FirstNet Authority engages with local, state, tribal, and federal public safety entities 1758
and works with national public safety associations that are members of the FirstNet Public Safety Advocacy 1759
Committee to understand their trends, drivers, and priorities. These public safety engagements allow the 1760
FirstNet Authority to remain current on needs and assist public safety entities in understanding how they can 1761
maximize the value they derive from FirstNet. FirstNet delivers specialized features to public safety such as 1762
priority access, preemption, end-to-end encryption, quality of service, more network capacity, and a resilient, 1763
hardened connection supported by dedicated infrastructure. 1764
The National 911 Program coordinates, in collaboration with all levels of government, the integration of 1765
NG911-identified best practices into the Nation’s public safety communications infrastructure 1766
The Department of Transportation National Highway Traffic Safety Administration’s 911 Program Office 1767
plays an active role in coordinating and contributing to 911 policy, standards, and technology development 1768
through its work with public safety organizations across the country. The office coordinates with the Federal 1769
Communications Commission (FCC), which promotes enhanced and NG911 through its role as a regulator 1770
(e.g., Task Force on Optimal PSAP Architecture) and administers the 911 Grant Program. It also provides 1771
strategic planning for collection and use of nationwide 911 data and guidance for interstate implementation of 1772
NG911. The National 911 Program Office and SAFECOM and the NCSWIC have partnered on the promotion 1773
of consistent terminology and assessment of NG9-1 maturity, as well as guidance on Cyber Risks to Next 1774
Generation 911 Systems. DoT also chairs the Next Generation 9-1-1- Working Group within the ECPC, which 1775
59
is working to complete a report which inventories federal PSAP and PSCC assets across the US. 1776
Objective 5.3: Support data interoperability through the development of effective and 1777
sustainable information sharing and data exchange standards, policies, and procedures 1778
Success Indicators 1779
Public safety organizations employ standards-based information exchange models and data sharing 1780
solutions 1781
To communicate seamlessly with the increasingly interconnected systems of the broader community, public 1782
safety organizations should use standards-based information exchange models, such as Organization for the 1783
Advancement of Structured Information Standards Emergency Data eXchange Language (EDXL), National 1784
Information Exchange Model (NIEM), Structured Threat Information eXpression/Trusted Automated 1785
eXchange of Indicator Information (STIX/TAXII), and Global Reference Architecture (GRA). Using these 1786
models can reduce the total cost of ownership of exchanging information among organizations, increase 1787
interoperability, improve grant-eligibility, and provide leverage community-wide for standards-compliant 1788
infrastructure. 1789
Public safety organizations follow acquisition best practices, including consideration for standards-based 1790
infrastructure 1791
Acquisition of standards-based infrastructure in a multi-vendor environment supported by compliance testing 1792
minimizes the risk of operability and interoperability challenges. Standards-based infrastructure also often 1793
supports a consistent set of security features, which can improve the security posture of the entire Ecosystem. 1794
After defining clear and concise requirements, public safety organizations use generic or non-proprietary 1795
language, as appropriate, when crafting acquisition documents and consider the need for standards-based, 1796
interoperable, secure infrastructure during solution selection. Additional acquisition practices can be found in 1797
the 2018 Emergency Communications System Lifecycle Planning Guide. 1798
SAFECOM and the NCSWIC publish best practices and updated guidance on standard operating 1799
procedures to assist the public safety community in meeting data storage, exchange, maintenance, and 1800
analysis challenges 1801
The standards, policies, and procedures for data sharing range from informal verbal agreements to formal 1802
written documentation to standardized interfaces enabled by technology. The guidelines are developed by 1803
organizations at various levels of government and by dedicated organizations specially formed to improve data 1804
sharing capabilities. As reported in the 2018 Nationwide Communications Baseline Assessment, many local 1805
and tribal public safety organizations follow local-level guidance to develop their SOPs. This indicates that 1806
most public safety organizations’ emergency communications at the local-level are influenced by their own set 1807
of standards, policies, and procedures. SAFECOM and the NCSWIC best practices on data lifecycle 1808
management will improve data usage, interoperability and security across the Ecosystem. 1809
Goal 6 – Cybersecurity: Strengthen the cybersecurity posture of the Emergency 1810
Communications Ecosystem 1811
Objective 6.1: Develop and maintain cybersecurity risk management 1812
Success Indicators 1813
Public safety organizations, at a minimum, implement the Cybersecurity Framework 1814
The NIST Cybersecurity Framework is a flexible, risk-based approach to improving the security of critical 1815
infrastructure. Collaboratively developed between government and the private sector, the framework is 1816
designed to complement an existing risk management process or to develop a credible program if one does not 1817
60
exist. Public safety cyber risk programs should be coordinated with existing and future DHS THIRA and SPR 1818
requirements. Ideally, organizations using the Framework and THIRA/SPR will be able to measure and assign 1819
values to their risk along with the cost and benefits of steps taken to reduce risk to acceptable levels. The better 1820
an organization can measure its risk, costs, and benefits of cybersecurity strategies and steps, the more rational, 1821
effective, and valuable its cybersecurity approach and investments will be. 1822
Public safety organizations use the Critical Infrastructure Cyber Community Voluntary Program (C³ 1823
Voluntary Program) 1824
The C³ Voluntary Program is a public-private partnership aligning business enterprises, as well as local, state, 1825
territorial, tribal, and federal governments in the Emergency Services Sector to existing resources to assist their 1826
efforts in using the NIST Cybersecurity Framework. The C³ Voluntary Program, and its implementation 1827
guidance, aims to simplify the process for all organizations in the Emergency Services Sector— regardless of 1828
their size, cybersecurity risk, or current level of cybersecurity sophistication—to apply the principles and best 1829
practices of risk management. Ultimately, the NIST Cybersecurity Framework and C³ Voluntary Program are 1830
focused on helping individual organizations reduce and better manage their cybersecurity risks, contributing to 1831
a more secure and resilient sector overall. 1832
Objective 6.2: Mitigate cybersecurity vulnerabilities 1833
Success Indicators 1834
SAFECOM and the NCSWIC share planning and mitigation guidance regarding known threats and 1835
vulnerabilities 1836
In addition to promoting US-CERT and other Information Sharing Environment notifications of public safety-1837
specific threats and attacks, SAFECOM and the NCSWIC guidance educates the community on known threats 1838
and their mitigations. For example, SAFECOM and the NCSWIC guidance regarding RF interference, or 1839
“jamming”: (1) educates and trains personnel to identify and respond appropriately to RF interference; (2) 1840
familiarizes organizations with how to report incidents of RF interference to the FCC and other appropriate 1841
authorities; and (3) helps legislators and regulators understand the value of enforcement legislation. Depending 1842
on the threat, guidance could also encourage risk mitigation through implementation of current network 1843
management techniques, such as virtual private networks, access control systems, firewalls, segmentation, or 1844
continuous monitoring systems, to decrease public safety network vulnerability, as well as identify areas for 1845
necessary R&D. 1846
Public safety organizations implement interoperable encryption, as needed 1847
Voice and data encryption are increasing in use throughout the public safety community. The decision to use 1848
encrypted interoperable communications must be made with the understanding that encryption can add a 1849
significant level of complexity and should be considered only when the operational requirements of the 1850
incident outweigh the additional complications. In addition, managing the associated encryption keys across 1851
their lifecycle can result in additional vulnerabilities and could possibly make important data inaccessible to 1852
authorized users1. Guidance on encryption and key management is available to the community, such as the 1853
Best Practices for Encryption in Project 25 Public Safety Land Mobile Radio Systems and Best Practices for 1854
Public Safety Interoperable Communications.2 1855
1 The use of voice encryption on designated interoperability and mutual aid channels can create obstacles to interoperability and is highly discouraged. In the
event encryption is deemed necessary due to unique operational needs, it must follow existing FCC regulations and comply with an approved regional
communications plan. 2 NPSTC’s Best Practices for Public Safety Interoperable Communications, Best Practice #11 - Managing Encryption for Interoperability Resources: The use of
voice encryption on designated interoperability and mutual aid channels can create obstacles to interoperability and is highly discouraged. In the event encryption
is deemed necessary due to unique operational needs, it must follow existing FCC regulations and comply with an approved regional communications plan.
NPSTC Report: Best Practices for Public Safety Interoperable Communications, May 2018.
61
The ECPC refines the NG911 Emergency Communications Center (EC3) concept 1856
NG911 networks introduce new vectors for attack that can disrupt or disable operations. As such, the Federal 1857
Communications Commission’s Task Force on Optimal PSAP Architecture has recommended the 1858
implementation of EC3s.3,4 EC3s detect, analyze, and respond to cybersecurity incidents using a combination 1859
of technology solutions, security analysts, and a strong set of processes to serve any emergency communication 1860
services that would benefit from using centralized, core cybersecurity services. The EC3 cybersecurity layer 1861
for the NG911 architecture will play a vital part in the operation and maintenance of NG911. The ECPC will 1862
need to help refine fundamental attributes of EC3, including governance, funding, usage, operating procedures, 1863
technical capabilities, technical architecture, and interconnection requirements. The EC3 layer must provide 1864
defined value for PSAPs―compelling benefits to help them address cybersecurity and, potentially, the Big 1865
Data issues associated with acceptance of data-based communications, such as texts, photos, and videos. 1866
NIST evaluates equipment and protocol vulnerabilities that impact the public safety mission 1867
One of the most important aspects of cybersecurity for the evolving emergency communications environment 1868
is a comprehensive review of the standardized protocols and proprietary mechanisms connecting devices to 1869
and through the Internet. Not only will protocols and mechanisms need to be secure, but device manufacturers 1870
and system administrators will need to understand the importance of cybersecurity in an interconnected 1871
network environment, even when it impacts the simplicity and efficiency of their products. Evaluations may 1872
include supply and repair chain risk management, as well as deployment, operations and maintenance 1873
guidance. NIST should review protocol standards, as well as provide cybersecurity testing and certification 1874
activities, for the public safety community. 1875
Objective 6.3: Determine public safety-specific, standards-based cyber hygiene minimums 1876
and fund ongoing risk mitigation 1877
Success Indicators 1878
NIST establishes public safety-specific, standards-based cyber hygiene minimums for public safety 1879
Cybersecurity is not a static process to be completed once, but a continual process of enhancing defense. Some 1880
organizations will have less capacity than others to apply for and manage grants, and therefore NIST should 1881
work to develop a plan for setting, testing, and maintaining cyber minimum standards to assist cybersecurity-1882
eligible grant programs in distributing necessary funding to public safety stakeholders. According to the 2018 1883
Nationwide Communications Baseline Assessment results, 37 percent of respondents indicated that 1884
cybersecurity incidents have had an impact on the ability of their emergency response providers and 1885
government officials’ ability to communicate over the past five years. Yet, almost half of respondents had not 1886
instituted cybersecurity best practices, such as risk assessment, continuous monitoring, and identity 1887
management. In fact, only one in five respondents indicated having cybersecurity incident response plans, 1888
policies and capabilities. 1889
SAFECOM updates the Interoperability Continuum to account for cybersecurity 1890
To promote the importance of cybersecurity to operability and interoperability, cybersecurity should be 1891
included as a critical success element in the SAFECOM Interoperability Continuum. The Continuum assists 1892
emergency response organizations and policy makers to plan and implement interoperability solutions for data 1893
and voice communications. 1894
3 FCC Task Force on Optimal PSAP Architecture, Adopted Final Report. 29 Jan 2016,
https://transition.fcc.gov/pshs/911/TFOPA/TFOPA_FINALReport_012916.pdf 4 FCC Task Force on Optimal PSAP Architecture, Optimal Cybersecurity Approach for PSAPs, 2 December 2016,
https://transition.fcc.gov/pshs/911/TFOPA/TFOPA_WG1_Supplemental_Report-120216.pdf
62
SAFECOM and the NCSWIC consolidate and publish information on available cybersecurity services and 1895
grant programs, such as those detailed in the DHS Cybersecurity Services Catalog and the Homeland 1896
Security Grant Program 1897
There are voluntary, non-binding, and no cost cybersecurity services available from the Federal Government to 1898
the SLTT community, as detailed in the DHS Cybersecurity Services Catalog for SLTT. In addition, public 1899
safety organizations may leverage Homeland Security Grant Program (HSGP) State Homeland Security 1900
Program (SHSP) and/or Urban Area Security Initiative (UASI) grants for their cybersecurity risk management. 1901
The 911 Grant Program might also provide funds for cybersecurity solutions as part of broader operation of 1902
NG911 systems. 1903
National Risk Management Center provides a cost study of public safety cybersecurity risk management and 1904
evaluates the need for additional grant programs 1905
Eighty percent of state CIO’s surveyed in the 2016 National Association of State Chief Information Officers 1906
(NASCIO) study indicated lack of sufficient funding as their primary challenge in cybersecurity, and according 1907
to the 2018 Nationwide Communications Baseline Assessment, most organizations (81–84 percent) have no 1908
funding or insufficient funding for cybersecurity. Targeted grant programs may be necessary to enable public 1909
safety organizations’ investment in cybersecurity, including foundational security architecture, advanced 1910
protective tools, and experienced technical professionals to manage them. 1911
NIST provides incentives for cybersecurity-specific R&D activities based on known threats 1912
Government and academic research facilities identify and develop new technologies that address public safety 1913
mission critical cybersecurity requirements that are not currently offered by commercial solutions. PSCR 1914
incentives may include grant programs, pilot programs, hackathons, or other activities. PSCR may collaborate 1915
with SAFECOM and the NCSWIC, the National Public Safety Telecommunications Council, and the FirstNet 1916
Authority to identify and develop cybersecurity requirements. Additional collaboration with US-CERT, 1917
NCCIC, and others will help PSCR to collect and prioritize known cyber threats for research and development. 1918
63
Appendix 1. Requirements Matrix 1919
1920 Table A1-1. 6 U.S.C. § 572 Requirements Cross-referenced with 2019 NECP
Content
2019 NECP Section 6 U.S.C. § 572 Requirement Filled
Section 1.0 - Introduction
6 U.S.C. § 572(a)-(b)
6 U.S.C. § 572(c)(7)
6 U.S.C. § 572(c)(10)
Section 2.0 – Emergency
Communications Ecosystem
6 U.S.C. § 572(b)(1)-(2)
6 U.S.C. § 572(c)(3)
6 U.S.C. § 572(c)(5)
Section 3.0 – NECP Strategic Goals 6 U.S.C. § 572(c)
Goal 1
6 U.S.C. § 572(b)
6 U.S.C. § 572(c)(5)-(7)
6 U.S.C. § 572(c)(9)
Goal 2
6 U.S.C. § 572(c)(1)
6 U.S.C. § 572(c)(4)
6 U.S.C. § 572(c)(7)
Goal 3
6 U.S.C. § 572(a)(1)-(2)
6 U.S.C. § 572(c)(3)
6 U.S.C. § 572(c)(5)-(6)
6 U.S.C. § 572(c)(8)
Goal 4
6 U.S.C. § 572(a)(1)-(2)
6 U.S.C. § 572(c)(2)
6 U.S.C. § 572(c)(4)-(6)
6 U.S.C. § 572(c)(9)
Goal 5
6 U.S.C. § 572(a)(1)-(2)
6 U.S.C. § 572(c)(1)-(6)
6 U.S.C. § 572(c)(8)
Goal 6
6 U.S.C. § 572(a)(1)-(2)
6 U.S.C. § 572(c)(1)-(2)
6 U.S.C. § 572(c)(8)
Section 4.0 - Implementation 6 U.S.C. § 572(c)
6 U.S.C. § 572(c)(10)
Section 5.0 - Conclusion 6 U.S.C. § 572(c)
6 U.S.C. § 572(c)(8)
1921
64
Appendix 2. Key Authorities 1922
Statutory Authorities 1923
This appendix lists key authorities that guide the development, implementation, and management of the 1924
National Emergency Communications Plan (NECP). For example, Title XVIII of the Department of Homeland 1925
Security (DHS) Appropriations Act of 2007 impacts the NECP directly by requiring DHS to periodically 1926
update the plan.5 In addition, related statutes pertaining to emergency communications nationwide also 1927
indirectly help to guide NECP improvements and revisions. This list identifies the foundation of statutes on 1928
which emergency communications functions are executed. 1929
1. Communications Act of 1934, Pub. L. No. 73-416) (1934), as amended by the Telecommunications Act of 1930
1996, Pub. L. No 104-104 (1996) 1931
2. Robert T. Stafford Disaster Relief and Emergency Assistance Act (“Stafford Act”), Pub. L. No. 93-288 (as 1932
amended 1988) 1933
3. Homeland Security Act of 2002, Pub. L. No. 107-296 (as amended 2002) 1934
4. Intelligence Reform and Terrorism Prevention Act of 2004, Pub. L. No. 108-458 (codified as amended at 6 1935
U.S.C. § 194(a)(1)) (2004)) 1936
5. Security and Accountability for Every Port Act of 2006, Pub. L. No. 109–347 (codified at 42 U.S.C. § 1201 1937
(2006)) 1938
6. Implementing Recommendations of the 9/11 Commission Act of 2007, Pub. L. No. 110-53 (codified as 1939
amended at 6 U.S.C. §§ 572(c)(10) 1940
7. Middle-Class Tax Relief and Jobs Creation Act of 2012, Pub. L. No. 112-96 (codified at 47 U.S.C. § 1426 1941
2012) 1942
8. Next Generation 911 Advancement Act of 2012, Pub. L. No.(P.L. 112-96) (codified as amended at 47 1943
U.S.C. 942 (2012)) 1944
Administrative and Executive Authorities 1945
Tables A2-2 to A2-5 describe related presidential directives and executive orders that affect NECP 1946
development and implementation processes. For example, these authorities set national policy and provide 1947
executive direction in areas closely related to emergency communications, including national preparedness, 1948
domestic incident management, critical infrastructure resilience, cybersecurity, and continuity of government 1949
operations. As such, NECP concepts and strategies align with these authorities, are shaped by them, or both. 1950
1. Homeland Security Presidential Directive (HSPD) –5, Management of Domestic Incident (2003) 1951
2. Homeland Security Presidential Directive 7—Critical Infrastructure Identification, Prioritization, and 1952
Protection. (2003) 1953
3. Homeland Security Presidential Directive (HSPD) 12 – Policy for a Common Identification Standard for 1954
Federal Employees and Contractors (2004) 1955
4. Homeland Security Presidential Directive (HSPD) 20 – National Continuity policy (2004) 1956
5. National Security Presidential Directive (NSPD) 51/Homeland Security Presidential Directive 20, 1957
National Continuity Policy (2007) 1958
6. National Security Decision Directive 97—National Security Telecommunications Policy, (1983) 1959
7. National Security Presidential Directive 39 – U.S. Space-Based Position, Navigation, and Timing Policy 1960
(2004) 1961
8. Presidential Policy Directive (PPD) – 8, National Preparedness, (2011) 1962
9. PPD – 21, Critical Infrastructure Security and Resilience, (2013) 1963
10. PDD – 4: National Space Policy (2007) 1964
11. PDD – 41: U.S. Cyber Incident Coordination (2016) 1965
5 6 U.S.C. § 572. NECP (2007).
65
12. Executive Order (E.O) 13175 – Consultation and Coordination with Indian Tribal (2000) 1966
13. E.O. 13407 – Integrated Public Alert and Warning System (2006) 1967
14. E.O. 13618 – Assignment of National Security and Emergency Preparedness Communications Functions 1968
(2012) 1969
15. E.O. 13616 – Accelerating Broadband Infrastructure Deployment (2012) 1970
16. E.O. 13636 – Improving Critical Infrastructure Cybersecurity (2013) 1971
Related Authorities 1972
While Tables A2-1 to A2-5 include primary authorities that most directly impact emergency communications, 1973
Table A2-6 lists other homeland security policy, plans, and doctrine that influence the NECP development and 1974
implementation lifecycle and that the NECP, in turn, helps to accomplish. 1975
1. National Preparedness System (2011) 1976
2. National Infrastructure Protection Plan (NIPP) – NIPP 2013: Partnering for Critical Infrastructure 1977
Security and Resilience (2013) 1978
3. National Preparedness Goal, Second Edition (2015) 1979
4. National Response Framework, Third Edition (2016) 1980
5. Response Federal Interagency Operational Plans, Second Edition (2016) 1981
6. National Preparedness Report (2017) 1982
7. National Incident Management System, Third Edition (2017) 1983
66
Appendix 3. Roles and Responsibilities 1984
This appendix provides an overview of the roles and responsibilities of the key public and private stakeholders 1985
who are involved in the emergency communications mission and the implementation of the NECP. In addition 1986
to emergency responders at all levels of government, this appendix also addresses key private sector and 1987
nongovernmental organizations, as well as partnerships and advisory committees, with whom the Federal 1988
Government coordinates emergency communications policies, plans, and programs. 1989
All Levels of Government 1990
The responsibility for responding to and managing planned events and unplanned incidents begins at the local 1991
level with individuals, first responders, and public officials in the county, city, or town affected by the incident. 1992
When emergencies escalate, additional support may be requested from other jurisdictions, states, or even the 1993
Federal Government. Operational communications is a core capability for any incident, regardless of size, 1994
location, or cause; therefore, each level of government must take the necessary preparedness actions to ensure 1995
the capacity to communicate with both the emergency response community and the affected populations, as 1996
well as with other governmental entities. 1997
Local Jurisdictions 1998
Local leaders, emergency managers, and public safety officials prepare their communities to manage incidents 1999
locally. Among their numerous responsibilities, these officials provide strategic guidance, manage resources, 2000
develop and implement policies and budgets, and oversee local preparedness efforts to improve emergency 2001
management and response capabilities. A number of local entities involved in response operations require 2002
interoperable, continuous, and secure communications to carry out their missions. This includes public safety 2003
disciplines, such as local law enforcement, fire, and emergency medical service personnel who respond to the 2004
early stages of an incident and are primarily responsible for the protection and preservation of life, property, 2005
evidence, and the environment. In addition, emergency management agencies are also involved with 2006
coordination and communications during incidents by disseminating alerts and warnings and operating 2007
emergency operations centers, among other key functions. Local Public Safety Answering Points and Public 2008
Safety Communications Centers also play critical roles by serving as key communications and information 2009
conduits between the public and emergency responders. Since natural and man-made emergency response 2010
efforts generally begin at the local level, coordination among these entities is critical to ensuring effective 2011
communications and information sharing when responding to emergencies of all scopes and sizes. 2012
State Agencies 2013
State agencies and officials help coordinate and integrate statewide responders and resources into the local 2014
incident command before, during, and after incidents. States must be prepared to maintain or accelerate the 2015
provision of emergency communications resources and services when an incident grows and local capabilities 2016
are unable to keep up with demand. Likewise, if a state anticipates that its resources may be exceeded, they 2017
must have a process in place to request and integrate Federal assistance. A listing of the key statewide officials 2018
and governing bodies with responsibility for emergency communications are described below. This list is not 2019
intended to be exhaustive as some states have additional agencies or individuals with whom they interact.6 2020
Statewide Interoperability Coordinator. The Statewide Interoperability Coordinator, or SWIC, serves as 2021
the state’s single point of coordination for interoperable communications and implements the Statewide 2022
Communication Interoperability Plan, which establishes a vision for interoperability in the state. 2023
6 Each State has the ability to designate other officials and offices to oversee aspects of emergency communications and information technology.
67
State Single Point of Contact. The Single Point of Contact, or SPOC, serves as the coordinator for the 2024
State and Local Implementation Grant Program and First Responder Network Authority efforts with 2025
respect to the Nationwide Public Safety Broadband Network. This person may or may not be the Statewide 2026
Interoperability Coordinator. 2027
Statewide Interoperability Governing Body or Statewide Interoperability Executive Committee. The 2028
Statewide Interoperability Governing Body or Statewide Interoperability Executive Committee serves as 2029
the primary steering group for the statewide interoperability strategy. Its mission is to support the National 2030
Council of Statewide Interoperability Coordinators in efforts to improve emergency response 2031
communications across the state through enhanced data and voice communications interoperability. 2032
Statewide Interoperability Governing Bodies and Statewide Interoperability Executive Committees often 2033
include representatives from various jurisdictions, disciplines, as well as subject matter experts. 2034
State Emergency Management Agency Director. The director of the state emergency management 2035
agency is responsible for ensuring that the state is prepared to deal with any type of emergency, as well as 2036
coordinating statewide incident response. This includes collaborating with appropriate statewide 2037
representatives for critical capabilities, such as emergency communications. The director may also have the 2038
responsibility for statewide 911 communications and public alerting. 2039
State Information Technology and Security Officials. A state’s or territory’s chief information officer, 2040
chief technology officer, and chief information security officer manage key information technology and 2041
broadband deployment initiatives, including information technology procurement, security, and 2042
information technology planning and budgeting. 2043
State 911 Administrator. This individual manages a state’s or territory’s 911 functions as determined by 2044
state legislation. The official title and role of this position may vary by state or territory. 2045
Territories 2046
Similar to each state, territorial governments are also responsible for coordinating the emergency 2047
communications resources needed to respond to incidents of all types and any scale, determining their resource 2048
capacity, and ensuring an efficient process for requesting assistance, when necessary. Given that their 2049
geographical locations often present unique challenges for receiving assistance during times of disaster, it is 2050
equally important for territorial governments to prioritize emergency communications. It is especially critical 2051
for territories to build relationships and partnerships among neighboring islands, other nearby countries, states, 2052
the private sector, nongovernmental organizations, and the Federal Government. 2053
Tribal Nations 2054
Tribal Nations are geographically dispersed across the United States, and tribe size varies significantly, both by 2055
enrollment and land area. Federal agencies respect tribal self-government and sovereignty, honor tribal treaties 2056
and other rights, and strive to meet the responsibilities that arise from the unique legal relationship between the 2057
Federal Government and tribal governments. Communications and emergency services might be handled 2058
internally by a tribe; provided by Federal, state, or county entities; or handled by any combination, thereof. 2059
These jurisdictional complexities can greatly complicate emergency response and communications. Many 2060
reservations are located in rural areas far from emergency services, which also pose challenges for first 2061
responder communications. 2062
68
Federal Departments and Agencies 2063
The Federal Government has an array of capabilities 2064
and resources that can be made available to support 2065
emergency response efforts at all levels of government. 2066
Federal departments or agencies may function as first 2067
responders for incidents involving primary Federal 2068
jurisdiction or authorities (e.g., on a military base, a 2069
Federal facility, or Federal lands). Under these 2070
circumstances, a Federal department or agency becomes 2071
the central coordinator of emergency communications 2072
activities with state, local, tribal, territorial, and regional 2073
partners. Examples include the United States Coast 2074
Guard or the Environmental Protection Agency for oil 2075
and hazardous materials spills and the United States 2076
Forest Service or the Department of the Interior for fires 2077
on Federal lands. 2078
At the same time, the Federal Government is 2079
responsible for ensuring the efficient delivery of Federal 2080
capabilities for large-scale and catastrophic incidents in 2081
support of state, local, tribal, and territorial government 2082
efforts, as well as other Federal partners. This can 2083
include the following communication functions: 2084
Facilitating Federal, state, local, tribal, and 2085
territorial planning through funding, technical 2086
assistance, and guidance; 2087
Promoting the development of national, regional, 2088
and statewide communications plans to address how available Federal assets can be incorporated during 2089
times of crisis; 2090
Promoting the alignment of Federal, state, local, tribal, territorial, and private sector emergency 2091
communications plans and preparedness activities to facilitate the development of robust regional 2092
communications coordination capabilities; and 2093
Supporting Federal, state, local, tribal, and territorial operational efforts, providing surge capacity and 2094
coordinating distribution of Federal resources to support emergency communications. 2095
Emergency Communications
Preparedness Center
Members
Department of Agriculture
Department of Commerce
Department of Defense
Department of Energy
Department of Health & Human
Services
Department of Homeland Security
Department of the Interior
Department of Justice
Department of Labor
Department of State
Department of Transportation
Department of the Treasury
Federal Communications Commission
General Services Administration
69
Private Sector Entities and Nongovernmental Organizations 2096
Private Sector 2097
As the owners and operators of the majority of the 2098
Nation’s critical infrastructure, private sector 2099
entities are responsible for protecting key 2100
commercial communications assets, as well as 2101
ensuring the resiliency and reliability of 2102
communications during day-to-day operations and 2103
emergency response and recovery efforts. In 2104
addition, commercial communications carriers have 2105
a primary role in network restoration during outages 2106
and service failures and support reconstitution for 2107
emergency response and recovery operations. The 2108
communications sector has a history of successfully 2109
cooperating both within the sector and with 2110
response entities at all levels of government. These 2111
relationships help government and the private sector 2112
coordinate joint incident response activities, share 2113
and analyze infrastructure information, and 2114
coordinate standards development and priority 2115
service technologies. 2116
The private sector’s extensive experience 2117
protecting, restoring, and reconstituting the 2118
communications infrastructure will be particularly 2119
important as the Nation plans and prepares for the adoption, migration, and use of emerging technologies, 2120
including the continued deployment of the Nationwide Public Safety Broadband Network. Its expertise 2121
provides insight on how to address network vulnerabilities so that emergency communications are reliable and 2122
resilient during times of crisis. 2123
Depending on the type of incident and its scale, other private sector entities may also have a role supporting, 2124
facilitating, or using communications during emergencies, as well as provide services and networks for the 2125
government to alert the public. For example, key private sector partners—including privately-owned 2126
transportation and transit, telecommunications, utilities, financial institutions, hospitals, and other health 2127
regulated facilities—may need to establish and maintain a direct line of communication between their 2128
organization and emergency response officials. 2129
Private Sector Partnerships
“Update national strategies (such as the
National Response Framework and the NECP)
and initiatives to account for advanced [Next
Generation Network] communications
capabilities, such as the Nationwide Public
Safety Broadband Network, and to reflect the
evolving communications environment.”
- National Security Telecommunications
Advisory Committee Report to the
President on the National Security and
Emergency Preparedness Implications of
a Nationwide Public Safety Broadband
Network
70
Nongovernmental Organizations 2130
Nongovernmental organizations can play vital roles during emergency response and recovery operations, as 2131
they have the capability to deliver specialized services that support core capabilities, including operational 2132
communications.7 Nongovernmental organizations include voluntary and non-profit organizations that provide 2133
shelter, food, and other essential support 2134
services and disaster relief.8 As technology 2135
evolves, NGOs are also implementing new 2136
ways to facilitate communications and 2137
information sharing during emergencies. 2138
Individuals and Volunteer 2139
Organizations 2140
As discussed in Section 2.0 of the NECP, the 2141
public and volunteer groups play an 2142
increasingly important role in emergency 2143
communications. Emergencies are often first 2144
reported to authorities by members of the 2145
public seeking assistance, and—more than 2146
ever before—the public is encouraged to alert 2147
the government to potentially dangerous or 2148
suspicious activities or update officials on the 2149
aftermath of an incident. For example, the 2150
Department of Homeland Security’s (DHS) “If 2151
You See Something, Say Something” 2152
campaign emphasizes the importance of 2153
reporting suspicious activity to the proper local 2154
law enforcement authorities. 2155
Likewise, volunteer organizations such as community emergency response teams and auxiliary 2156
communications volunteers play key roles in emergency communications and preparedness. Volunteer 2157
emergency communications operators and groups using amateur radio have been providing backup 2158
communications to event planners, public safety officials, and emergency managers at all levels of government 2159
for nearly 100 years. Often, amateur radio services have been used when other forms of communications have 2160
failed or have been disrupted. Today, nearly all the states and territories have incorporated some level of 2161
participation by amateur radio auxiliary communication operators into their Tactical Interoperable 2162
Communications Plans and Statewide Communication Interoperability Plans, allowing them to quickly 2163
integrate the operators into response efforts, which can strengthen communications and operations during 2164
incidents of any scale. 2165
Partnership and Advisory Groups 2166
Partnership groups are key mechanisms for successful implementation of the NECP and execution of the 2167
national emergency communications mission. They provide best practices and subject matter expertise to the 2168
government and allow emergency response stakeholders to cultivate working relationships and help shape 2169
strategic and operational plans to improve emergency communications. With the changes in the emergency 2170
communications ecosystem, as noted in Section 2.0 of the NECP, the pool of partnerships and their roles and 2171
responsibilities for supporting emergency communications continues to evolve and expand. The list below 2172
includes key partnership organizations and advisory bodies: 2173
7 For a list of all core capabilities, refer to the National Preparedness Goal, www.fema.gov/ppd8. 8 FEMA. National Response Framework, June 2016, pg. 9. https://www.fema.gov/media-library-data/1466014682982-9bcf8245ba4c60c120aa915abe74e15d/National_Response_Framework3rd.pdf
Nongovernmental Organization
Communications during Response
Operations
The American Red Cross has established a digital
operations center in Washington, D.C., that enables
the organization to more effectively understand and
anticipate disaster needs in order to deploy assistance
more efficiently. The center has the capability to
monitor, respond to, and analyze social media
platforms, share timely information, coordinate with
other emergency response entities, and allocate
resources accordingly. The American Red Cross has
developed a training program to leverage digital
volunteers that can be called upon to scale up digital
operations for emergency situations such as
Hurricanes Maria, Harvey and Florence.
71
Canada – United States Communications Interoperability Working Group. The Canada – United 2174
States Communications Interoperability Working Group is a joint effort between Canada and the United 2175
States. It is co-chaired by Public Safety Canada and DHS’ Office of Emergency Communications. The 2176
Interoperability Working Groups goal is to support each country’s national interoperability strategy and 2177
work to resolve bilateral issues of common interest concerning cross-border communications and 2178
information exchange. 2179
Communications Security, Reliability and Interoperability Council. The Communications Security, 2180
Reliability and Interoperability Council is an advisory committee that provides recommendations to the 2181
FCC to ensure, among other things, optimal security and reliability of communications systems, including 2182
telecommunications, media, and public safety. 2183
Critical Infrastructure Partnership Advisory Council. The Critical Infrastructure Partnership Advisory 2184
Council is a DHS program established to facilitate effective coordination of critical infrastructure activities 2185
among the Federal Government; the private sector; and state, local, tribal, and territorial governments. 2186
Emergency Communications Preparedness Center. As the Federal interagency focal point for 2187
interoperable and operable emergency communications coordination, the Emergency Communications 2188
Preparedness Center’s mission is to improve emergency communications collaboration across the Federal 2189
Government, and align initiatives with national goals, policy, and guidance. The 14 Federal departments 2190
and agencies that comprise the Emergency Communications Preparedness Center represent the Federal 2191
Government’s broad role in emergency communications, including planning, policy, operations, grants, 2192
and technical assistance. 2193
National Council of Statewide Interoperability Coordinators. Comprised of all Statewide 2194
Interoperability Coordinators (SWICs), the National Council of Statewide Interoperability Coordinators 2195
assists SWICs with promoting the critical importance of interoperable communications and the sharing of 2196
best practices to ensure the highest level of interoperable communications across the Nation. 2197
National Public Safety Telecommunications Council. Composed of state and local public safety 2198
representatives, the National Public Safety Telecommunications Council is a federation of national public 2199
safety leadership organizations dedicated to improving emergency response communications and 2200
interoperability through collaborative leadership. 2201
National Security/Emergency Preparedness. Committee in July 2012 as a forum—comprised of 2202
representatives from at least eight designated Federal agencies—to recommend policy and advise the 2203
President on national security and emergency preparedness communications issues. 2204
Communications Executive Committee. Executive Order 13618, Assignment of National Security and 2205
Emergency Preparedness Communications Functions, established the National Security and Emergency 2206
Preparedness Executive 2207
National Security Telecommunications Advisory Committee. The President’s National Security 2208
Telecommunications Advisory Committee (NSTAC) is composed of private sector executives who 2209
represent major communications and network service providers, as well as information technology, 2210
finance, and aerospace companies. Through DHS, NSTAC provides private sector-based analyses and 2211
recommendations to the President and the Executive Branch on policy and enhancements to national 2212
security and emergency preparedness communications information and communications services, as well 2213
as advice regarding the feasibility of implementing specific measures to improve the telecommunications 2214
aspects of the national security posture. 2215
72
Public Safety Advisory Committee. The Public Safety Advisory Committee is a standing advisory 2216
committee that assists the First Responder Network Authority in carrying out its duties and responsibilities. 2217
The Public Safety Advisory Committee is comprised of 40 representatives from various public safety 2218
organizations that are part of the DHS SAFECOM program. 2219
Regional Emergency Communications Coordination Working Group. The Regional Emergency 2220
Communications Coordination Working Groups serve as the single coordination points for emergency 2221
communications at the regional level. A Regional Emergency Communications Coordination Working 2222
Group has been established in each of the 10 Federal Emergency Management Agency (FEMA) regions. 2223
Each Regional Emergency Communications Coordination Working Group has unique membership 2224
dependent on regional government structure and processes. 2225
SAFECOM. SAFECOM is an emergency communications program of the DHS. As a stakeholder-driven 2226
program, SAFECOM is led by an Executive Committee, in support of the overall membership, which is 2227
primarily composed of state and local emergency responders and intergovernmental and national public 2228
safety communications associations. SAFECOM regularly convenes to discuss interoperability and 2229
emergency communications, and to provide input on challenges, needs, and best practices of emergency 2230
responders. OEC develops policy, guidance, and future initiatives by drawing on the expertise of the 2231
Executive Committee. 2232
73
Appendix 4. SAFECOM Interoperability 2233
Continuum 2234
Developed with practitioner input from the Department of Homeland Security’s (DHS) SAFECOM program, 2235
the Interoperability Continuum is designed to assist emergency response agencies and policy makers to plan 2236
and implement interoperability solutions for data and voice communications. This tool identifies the five 2237
critical success elements that must be addressed to achieve a sophisticated interoperability solution: 2238
governance, standard operating procedures, technology, training and exercises, and usage of interoperable 2239
communications. The Interoperability Continuum can be used by jurisdictions to track progress in 2240
strengthening interoperable communications. In addition, the DHS Office of Emergency Communications has 2241
used the Interoperability Continuum to develop the priorities and measure the goals of the NECP. For more 2242
information, see Section 4.0 Implementing the NECP. 2243
Interoperability is a multi-dimensional challenge. To gain a true picture of a region’s interoperability, progress 2244
in each of the five interdependent elements must be considered. For example, when a region procures new 2245
equipment, that region should plan and conduct training and exercises to maximize the use of that equipment. 2246
Optimal level interoperability is contingent upon individual agency and jurisdictional needs. The Continuum is 2247
designed as a guide for jurisdictions that are pursuing a new interoperability solution, based on changing needs 2248
or additional resources; it is an evolving tool that supports national preparedness doctrine including, but not 2249
limited to, the National Incident Management System, the National Response Framework, and the NECP. To 2250
maximize the Interoperability Continuum’s value to the emergency response community, SAFECOM will 2251
regularly update the tool through a consensus process involving practitioners, technical experts, and 2252
representatives from federal, state, local, and tribal agencies. 2253
Exhibit A5-1. SAFECOM Interoperability Continuum
74
Appendix 5. Source Documents 2254
This appendix lists the key source documents that the Department of Homeland Security (DHS) used to inform 2255
and shape the concepts, goals, and objectives of the 2019 NECP. This list is not exhaustive; rather, it highlights 2256
the primary source documents that were developed since the 2014 NECP. 2257
Federal Departments and Agencies 2258
1. DHS/FEMA: Comprehensive Preparedness Guide (CPG) 201: Threat and Hazard Identification and Risk 2259
Assessment (THIRA) and Stakeholder Preparedness Review (SPR) Guide 2018 2260
https://www.fema.gov/media-library/assets/documents/165308 2261
2. DHS/Office of Emergency Communications: FY18 SAFECOM Guidance on Emergency Communications 2262
Grants 2263
https://www.dhs.gov/sites/default/files/publications/FY2018_SAFECOM_Guidance_FINAL_508C_060512264
8.pdf 2265
3. National Institute of Standards and Technology Framework for Improving Critical Infrastructure 2266
Cybersecurity (2018): https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf 2267
4. DHS Cybersecurity Services Catalog for SLTT(2018): https://www.us-2268
cert.gov/sites/default/files/c3vp/sltt/SLTT_Hands_On_Support.pdf 2269
5. DHS/Federal Emergency Management Agency (FEMA): 2017 National Incident Management System 2270
https://www.fema.gov/media-library-data/1508151197225-2271
ced8c60378c3936adb92c1a3ee6f6564/FINAL_NIMS_2017.pdf 2272
6. DHS/FEMA: 2017 National Preparedness Report https://www.fema.gov/media-library-2273
data/1503926640648-2274
0b64216b808eb42a93ba96fe8888d113/2017NationalPreparednessReport_508_COMPLIANT.pdf 2275
7. DHS/FEMA: National Response Framework, Third Edition https://www.fema.gov/media-library-2276
data/1466014682982-9bcf8245ba4c60c120aa915abe74e15d/National_Response_Framework3rd.pdf 2277
8. National Institute of Standards and Technology: Project 25 Compliance Assessment Program (P25 CAP) 2278
https://www.nist.gov/ctl/pscr/newsroom/press/p25-cap 2279
9. United States National Grid Recommendations for update of the National Emergency Communications 2280
Plan (NECP) 2281
Congressional Panels, Testimonies, and Reports 2282
1. Written Testimony of Rear Admiral Ronald Hewitt, USCG (Retired) Director, OEC: 2283
https://docs.house.gov/meetings/HM/HM12/20171012/106503/HHRG-115-HM12-Wstate-HewittR-2284
20171012.pdf 2285
National Associations, Advisory Boards and Groups, Other Research 2286
Reports 2287
1. 2018 National Emergency Management Association Biennial Report, 2018 2288
2. Via Satellite: First Responder’s Guide to Satellite Communications, 2018 2289
3. 2017 Joint Meeting of the Major Cities Chiefs Association’s Technology and FirstNet: Workshop on Law 2290
Enforcement Priorities and Recommendations for FirstNet 2291
4. NPSTC Report Best Practices for Public Safety Interoperable Communications: Best Practices 2017 2292
5. SAFECOM/NCSWIC/Federal Partnership for Interoperable Communications (FPIC) Security Working 2293
Group Best Practices for Encryption in Project 25 (P25) Public Safety Land Mobile Radio Systems (LMR): 2294
Best Practices 2016 2295
6. Using Future Broadband Communications Technologies to Strengthen Law Enforcement, RAND 2296
75
Appendix 6. Glossary2297
2298
After-Action Report 2299
A professional document formulated in partnership 2300 with participants in a process. Evaluators, 2301 sponsoring agencies, and key participants from 2302 government agencies participate in the formulation 2303 of the after-action report. It furnishes a historical 2304 record of findings and forms the foundation for 2305 refinements to plans, policies, procedures, training, 2306 equipment, and overall preparedness of an entity. 2307 The report depicts the process, preliminary 2308 observations, and major issues, and makes 2309 recommendations for improvements. 2310 2311
All Hazards Incident Dispatch 2312
Team (IDT) 2313
Specially trained communications personnel who are 2314 certified in tactical, wildland and urban-interference 2315 incidents. The IDT responds to large scale events 2316 and incidents and work the varying levels of 2317 communications at the scene. 2318
Applications 2319
A set of features and a user interface that may be 2320 realized by fixed or mobile devices. User services 2321 are logical building blocks of application-layer 2322 functionality. 2323 2324
Agreements 2325
Formal mechanisms to govern interagency 2326 coordination and the use of interoperable emergency 2327 communications solutions. 2328
Assessment 2329
The process of acquiring, collecting, processing, 2330 examining, analyzing, evaluating, monitoring, and 2331 interpreting the data, information, evidence, objects, 2332 measurements, images, and sound, among others, 2333 whether tangible or intangible, to provide a basis for 2334 decision-making. 2335
2336
Amateur Radio Service 2337
A radio communication service for the purpose of 2338 self-training, intercommunication, and technical 2339 investigations carried out by amateurs, who are duly 2340 authorized persons interested in radio technique 2341 solely with a personal aim and without pecuniary 2342 interest. 2343
2344
Auxiliary Communications 2345
(AUXCOMM) 2346
Backup emergency radio communications provided 2347 by volunteers who support public safety and 2348 emergency response professionals and their 2349 agencies. 2350 2351
Big Data 2352
The analysis of datasets that are too massive, too 2353 complex, or too disparate to be handled by 2354 traditional data processing methods. For example, 2355 the New York City Fire Department utilizes a Risk-2356 Based Inspection System (RBIS) to score buildings’ 2357 fire risk and prioritize those that need inspection 2358 most urgently. Big Data also includes predictive 2359 algorithms that give advance notice for disasters, 2360 both natural and man-made; management of After 2361 Action Reports within the context of larger data sets; 2362 analytic engines that reveal important correlations 2363 that can improve management efficiency for public 2364 safety, reduce overhead costs and manpower 2365 requirements, and even improve responder health 2366 and safety. 2367
2368
Broadband 2369
High-speed Internet that allows users to access the 2370 Internet and Internet-related services at significantly 2371 higher speeds using Long-Term Evolution 2372 Technology (LTE). Broadband and LTE allow users 2373 to access the next evolution of commercial 2374 broadband wireless communications technology, 2375 which was developed to address the demand for 2376 high-speed, data intensive communications, such as 2377 situational awareness, advanced analytics, database 2378 queries, and video applications. Transmission is 2379 digital, meaning that text, images, and sound are all 2380 transmitted as bits of data. The transmission 2381 technologies that make broadband possible move 2382 these bits much more quickly than traditional 2383 telephone or wireless connections. 2384 2385
Capital Investments 2386
Equipment and other one-time costs. 2387 2388
Common Alerting Protocol 2389
The Common Alerting Protocol is a digital format 2390 for exchanging emergency alerts allowing consistent 2391 alert messages to be disseminated simultaneously 2392 over many different communications systems. 2393
76
Communications Coordinator 2394
(COMC) 2395
Serves as a point of contact and is responsible for 2396 maintaining contact with local agencies and 2397 collecting information about local resources to aid 2398 the Communications Unit Leader (COML) and helps 2399 with such tasks as assigning equipment, frequencies, 2400 and following up on and keeping track of the status 2401 of orders. The COMC determines the extent and 2402 availability of communications coordination possible 2403 for a given incident. 2404 2405
Communications Duty Officer 2406
(CDO) 2407
Similar to the Communications Coordinator 2408 (COMC), serves as a point of contact and is 2409 responsible for maintaining contact with local 2410 agencies and collecting information about local 2411 resources to aid the Communications Unit Leader 2412 (COML). 2413 2414
Continuity 2415
Ability to provide and maintain acceptable levels of 2416 communications during disruptions in operations. 2417 2418
Continuity of Communications 2419
The ability of emergency response agencies to 2420 maintain communications capabilities when primary 2421 infrastructure is damaged or destroyed. 2422 2423
Core Capabilities 2424
Distinct critical elements necessary to achieve the 2425 National Preparedness Goal. 2426 2427
Critical Infrastructure 2428
Systems and assets, whether physical or virtual, so 2429 vital to the United States that the incapacity or 2430 destruction of such systems and assets would have a 2431 debilitating impact on security, national economic 2432 security, national public health or medical, or safety, 2433 or any combination of those matters. (Source: 2013 2434 National Infrastructure Protection Plan) 2435 2436
Cross-Discipline 2437
Involving emergency response providers from 2438 different disciplines (e.g., police, fire, emergency 2439 medical services). 2440 2441
2442
Cybersecurity 2443
The prevention of damage to, unauthorized use of, or 2444 exploitation of, and, if needed, the restoration of 2445 electronic information and communications systems 2446 and the information contained therein to ensure 2447 confidentiality, integrity, and availability. Includes 2448 protection and restoration, when needed, of 2449 information networks and wireline, wireless, 2450 satellite, public safety answering points, and 911 2451 communications systems and control systems. 2452 (Source: 2013 National Infrastructure Protection 2453 Plan 2013: Partnering for Critical Infrastructure 2454 Security and Resilience) 2455 2456
Cybersecurity Risks 2457
Occur when a cybersecurity threat exploits a 2458 vulnerability, increasing the likelihood of or leading 2459 to an undesired event that has a negative 2460 consequence on the desired state of the network. 2461 2462
Cybersecurity Threats 2463
Anything that has the potential to harm the system 2464 and are produced by “threat actors” who possess 2465 capabilities to carry out an attack. 2466 2467
Day-to-Day Situations 2468
Situations within the general normal structure for an 2469 organization, including routine operations. 2470 2471
Decision-Making Groups 2472
A group or governing body with a published 2473 agreement that designates its authority, mission, and 2474 responsibilities. 2475 2476
Dispatch Center 2477
Agency or interagency dispatch centers, 911 call 2478 centers (e.g., public safety answering points), 2479 emergency control or command dispatch centers, or 2480 any naming convention given to the facility and staff 2481 that handles emergency calls from the public and 2482 communication with emergency 2483 management/response personnel. 2484 2485
Emergency Communications 2486
The means and methods for exchanging 2487 communications and information necessary for 2488 successful incident management. 2489 2490
2491
77
Emergency Management 2492
Assistance Compact 2493
A congressionally ratified mutual aid compact that 2494 legally establishes a national system to facilitate 2495 resources across State lines during an emergency or 2496 disaster. 2497 2498
Emergency Response Providers 2499
The Homeland Security Act of 2002 defines 2500 emergency response providers as Federal, state, and 2501 local governmental and nongovernmental emergency 2502 public safety, fire, law enforcement, emergency 2503 response, emergency medical (including hospital 2504 emergency facilities), and related personnel, 2505 agencies, and authorities. 2506 2507
Emergency Support Functions 2508
Used by the Federal Government and many state 2509 governments as the primary mechanism at the 2510 operational level to organize and provide assistance. 2511 Emergency Support Functions align categories of 2512 resources and provide strategic objectives for their 2513 use. Emergency Support Functions utilize 2514 standardized resource management concepts such as 2515 typing, inventorying, and tracking to facilitate the 2516 dispatch, deployment, and recovery of resources 2517 before, during, and after an incident. 2518 2519
Encryption 2520
Method of mitigating threats from the potential 2521 compromise of personal or sensitive data by 2522 encoding information in such a way that only 2523 authorized parties can access it. 2524 2525
Exercises 2526
Instruments to train for, assess, practice, and 2527 improve performance in prevention, protection, 2528 mitigation, response, and recovery capabilities in a 2529 risk-free environment. Exercises can be used for 2530 testing and validating policies, plans, procedures, 2531 training, equipment, and interagency agreements; 2532 clarifying and training personnel in roles and 2533 responsibilities; improving interagency coordination 2534 and communications; improving individual 2535 performance; identifying gaps in resources; and 2536 identifying opportunities for improvement. 2537 2538
2539
First Responder Network Authority 2540
An independent authority within the National 2541 Telecommunications and Information 2542 Administration that is responsible for ensuring the 2543 building, deployment, and operation of the first high-2544 speed, nationwide public safety broadband network. 2545 2546
First Responders 2547
See “emergency response provider.” (The 2548 Implementing the 9/11 Commission 2549 Recommendations Act of 2007 states that the term 2550 first responder shall have the same meaning as the 2551 term emergency response provider, which is defined 2552 in the Homeland Security Act of 2002.) 2553 2554
Government Emergency 2555
Telecommunications Service 2556
Service that provides national security and 2557 emergency preparedness personnel priority access 2558 and prioritized processing in the local and long 2559 distance segments of the Public Switched Telephone 2560 Network, greatly increasing the probability of call 2561 completion. Government Emergency 2562 Telecommunications Service is intended to be used 2563 in an emergency or crisis situation when the Public 2564 Switched Telephone Network is congested and the 2565 probability of completing a normal call is reduced. 2566 2567
Governance 2568
Relates to consistent management, cohesive policies, 2569 guidance, processes, and decision-rights for a given 2570 area of responsibility. 2571
Homeland Security Exercise and 2572
Evaluation Program 2573
Provides a set of guiding principles for exercise 2574 programs, as well as a common approach to exercise 2575 program management, design and development, 2576 conduct, evaluation, and improvement planning. 2577 HSEEP exercise and evaluation doctrine is flexible, 2578 adaptable, and is for use by stakeholders across the 2579 whole community and is applicable for exercises 2580 across all mission areas – prevention, protection, 2581 mitigation, response, and recovery. 2582
2583
78
Incident Action Plan 2584
An oral or written plan containing general objectives 2585 reflecting the overall strategy for managing an 2586 incident. It may include the identification of 2587 operational resources and assignments. It may also 2588 include attachments that provide direction and 2589 important information for management of the 2590 incident during one or more operational periods. 2591 2592
Incident Communications Center 2593
Manager (INCM) 2594
Manages an Incident Communications Center, (ICC) 2595 when the Communications Unit Leader’s span of 2596 control would be exceeded by the complexity of the 2597 incident. The INCM serves primarily to supervise 2598 radio operators and manage the increased complexity 2599 of an ICC during large incidents. 2600 2601
Incident Communications Center 2602
(ICC) 2603
An established location close to an Incident 2604 Command Post (ICP) from which coordination, 2605 communications, and support of incident 2606 management activities is directed. 2607 2608
Incident Command System 2609
A standardized on-scene emergency management 2610 construct specifically designed to provide for the 2611 adoption of an integrated organizational structure 2612 that reflects the complexity and demands of single or 2613 multiple incidents, without being hindered by 2614 jurisdictional boundaries. The incident command 2615 system is the combination of facilities, equipment, 2616 personnel, procedures, and communications 2617 operating within a common organizational structure, 2618 designed to aid in the management of resources 2619 during incidents. It is used for all kinds of 2620 emergencies and is applicable to small and large, 2621 complex incidents. The incident command system is 2622 used by various jurisdictions and functional 2623 agencies, both public and private, to organize field-2624 level incident management operations. 2625 2626
Incident Communication Manager 2627
(ICM) 2628
Restores normal service operation as possible to 2629 minimize impact of disruption and responsible for 2630 planning and coordinating activities require to 2631 perform, monitor, and report on the process. 2632 2633
2634
Information Sharing Environment 2635
Broadly refers to the people, projects, systems, and 2636 agencies that enable responsible information sharing 2637 for national security. 2638 2639
Information Technology Service 2640
Unit Leader 2641
Responsible for coordinating with the 2642 Communications Leader (COML) and Incident 2643 Commander Staff to determine IT resource 2644 requirements to support incident objectives such as 2645 developing Information Management Plan (manage 2646 data sharing); determining and ordering needed 2647 personnel, equipment, and services; and supervising 2648 IT and Communications Help Desk. 2649 2650
International/Cross-Border Entities 2651
Foreign organizations (e.g., Canadian or Mexican 2652 organizations). 2653 2654
Interoperability 2655
Ability of emergency response providers and 2656 relevant government officials to communicate across 2657 jurisdictions, disciplines, and levels of government 2658 as needed and as authorized. 2659 2660
Interoperability Solutions 2661
Any method, process, or system used to enable 2662 interoperability (e.g., radio swaps, channel or 2663 console cross-patching, and shared system or 2664 channels). 2665 2666
Internet of Things (IoT) 2667
The Internet of Things (IoT) is the network of 2668 physical devices and connectivity that enables 2669 objects to connect to one another, to the Internet, and 2670 exchange data amongst themselves. IoT can benefit 2671 public safety by providing ubiquitous network 2672 connectivity, enhanced situational awareness, 2673 process optimization, and real-time response/control 2674 of autonomous systems. However, integrating IoT 2675 into a public safety operational framework also poses 2676 some concerns regarding cybersecurity, scale, 2677 network congestion, interoperability, human impacts, 2678 and policy over IoT provisioning and priority and 2679 privacy of data. 2680 2681
2682
79
Jurisdiction 2683
A range or sphere of authority. Public safety 2684 agencies have jurisdiction at an incident related to 2685 their legal responsibilities and authority. 2686 Jurisdictional authority at an incident can be political 2687 or geographical (e.g., Federal, state, tribal, local 2688 boundary lines) or functional (e.g., law enforcement, 2689 public health, medical). 2690 2691
Land Mobile Radio Systems 2692
Terrestrially-based wireless narrowband 2693 communications systems commonly used by 2694 Federal, state, local, tribal, and territorial emergency 2695 responders, public works companies, and even the 2696 military to support voice and low-speed data 2697 communications. 2698 2699
Lifecycle Planning 2700
The process of designing, implementing, supporting, 2701 and maintaining a land mobile radio or mobile data-2702 based public safety communications system. Enables 2703 practitioners to better forecast long-term funding 2704 requirements and helps to set the framework for 2705 establishing and maintaining a public safety system. 2706 2707
Mission Areas 2708
Groups of core capabilities, including Prevention, 2709 Protection, Mitigation, Response, and Recovery. 2710 2711
Multi-jurisdictional 2712
Involving agencies from different jurisdictions (e.g., 2713 across state, county, or regional boundaries). 2714 2715
Mutual Aid Agreement or 2716
Assistance Agreement 2717
Written or oral agreement between and among 2718 agencies, organizations, or jurisdictions that provides 2719 a mechanism to quickly obtain emergency assistance 2720 in the form of personnel, equipment, materials, and 2721 other associated services. The primary objective is to 2722 facilitate rapid, short-term deployment of emergency 2723 support prior to, during, or after an incident. 2724 2725
MsgR 2726
Message Runners, (MsgRs) physically relay 2727 messages to areas not yet served with any 2728 communications system 2729 2730
2731
NECP 2732
The Homeland Security Act of 2002, as amended, 2733 requires DHS to develop the NECP; the Plan serves 2734 as the Nation’s strategic plan for improving 2735 emergency response communications and efforts in 2736 the United States. 2737 2738
National Incident Management 2739
System 2740
Provides a systematic, proactive approach and 2741 template to guide departments and agencies at all 2742 levels of government, nongovernmental 2743 organizations, and the private sector to work 2744 seamlessly to prevent, protect against, respond to, 2745 recover from, and mitigate the effects of incidents, 2746 regardless of cause, size, location, or complexity, in 2747 order to reduce the loss of life or property and harm 2748 to the environment. 2749 2750
National Preparedness Goal 2751
The cornerstone for the implementation of 2752 Presidential Policy Directive-8, it establishes the 2753 capabilities and outcomes for the Nation to 2754 accomplish across five mission areas (Prevention, 2755 Protection, Mitigation, Response, and Recovery) in 2756 order to be secure and resilient. The Goal establishes 2757 distinct core capabilities and corresponding target 2758 elements for each mission area. 2759 2760
Nationwide Public Safety 2761
Broadband Network 2762
A dedicated, wireless, interoperable, 2763 communications long-term evolution-based network 2764 (consisting of a core network and radio access 2765 network) that allows public safety to receive and 2766 share critical information with their counterparts 2767 across the Nation. 2768 2769
National Response Framework 2770
A guide to how the Nation responds to all types of 2771 disasters and emergencies. It describes specific 2772 authorities and best practices for managing incidents 2773 that range from the serious but purely local to large-2774 scale terrorist attacks or catastrophic natural 2775 disasters. 2776 2777
2778
80
National Security and Emergency 2779
Preparedness Communications 2780
Functions 2781
The ability of the Federal Government to 2782 communicate at all times and under all 2783 circumstances to carry out its most critical and time 2784 sensitive missions. This includes the survivable, 2785 resilient, enduring, and effective communications, 2786 both domestic and international, that are essential to 2787 enable the executive branch to communicate within 2788 itself and with: the legislative and judicial branches; 2789 state, local, tribal, and territorial governments; 2790 private sector entities; and the public, allies, and 2791 other nations. 2792 2793
Network Decommissioning 2794
The process of removing systems and equipment 2795 from active service. 2796 2797
Nongovernmental Organization 2798
As noted in the National Response Framework, these 2799 include voluntary, racial and ethnic, faith-based, 2800 veteran-based, and nonprofit organizations that 2801 provide sheltering, emergency food supplies, and 2802 other essential support services. Nongovernmental 2803 organizations are inherently independent and 2804 committed to specific interests and values. 2805 2806
NGOs/Private Sector 2807
Non-profit or for-profit organizations participating in 2808 public safety/emergency communications planning, 2809 use or reconstitution (e.g., Non-Governmental 2810 Organizations [NGOs], utilities, communication 2811 service providers, equipment operators, 2812 transportation, food distribution, Volunteer 2813 Organizations Active in Disasters [VOAD]). 2814 2815
Operability 2816
Ability to provide and maintain reliable 2817 communications functionality throughout the area of 2818 responsibility. 2819 2820
Operating Environment 2821
For the purposes of the NECP, this refers to the 2822 people, processes, policies, and technologies for 2823 emergency communications. 2824 2825
Other Disciplines 2826
Personnel with another organization of a different 2827 discipline (e.g., fire, law enforcement) within the 2828 same jurisdiction. 2829 2830
Out-of-the-Ordinary Situations 2831
Situations that may stretch and/or overwhelm the 2832 abilities of an organization. 2833 2834
Personnel 2835
Individuals responsible for communications 2836 installations, operations, and maintenance. 2837 2838
Position Task Book (PTB) 2839
Primary tool for observing and evaluating the 2840 performance of Incident Command System (ICS) 2841 trainees. They allow documentation of a trainee’s 2842 ability to perform each task, as prescribed by 2843 position. 2844 2845
Priority Telecommunications 2846
Service: Implements policy, assigns 2847
responsibilities, and establishes procedures for the 2848 Telecommunications Service Priority (TSP) 2849 Program. Authorizes priority services for domestic 2850 telecommunications services (e.g., Government 2851 Emergency Telecommunications Service [GETS] 2852 and Wireless Priority Service [WPS]). 2853 2854
Private Sector Entity 2855
Per the National Response Framework, private 2856 sector entities include large, medium, and small 2857 businesses; commerce, private cultural and 2858 educational institutions; and industry, as well as 2859 public-private partnerships that have been 2860 established specifically for emergency management 2861 purposes. 2862 2863
Project 25 2864
(P25 or APCO-25) is a suite of standards for digital 2865 radio communications for use by federal, 2866 state/province and local public safety agencies in 2867 North America to enable them to communicate with 2868 other agencies and mutual aid response teams in 2869 emergencies. In this regard, P25 fills the same role as 2870 the European Terrestrial Trunked Radio (TETRA) 2871 protocol, but the two are not interoperable. 2872 2873
Protective/Restorative Measures 2874
Protective measures decrease the likelihood that a 2875 threat will affect the network, while restorative 2876 measures, such as OEC’s Telecommunications 2877 Service Priority, enable rapid restoration if services 2878 are damaged or destroyed. 2879 2880
2881
81
Public Safety Entity 2882
An entity that provides public safety services and 2883 that include services provided by emergency 2884 response providers, as defined in the Homeland 2885 Security Act of 2002. 2886 2887
Public safety 2888
Refers to the welfare and protection of the general 2889 public. 2890 2891
Public Safety/Emergency 2892
Communications 2893
Capabilities needed to transmit/receive information 2894 during public safety incidents (e.g., natural disasters, 2895 acts of terrorism, other man-made events). 2896 2897
Public Safety Services 2898
Includes services defined in the Communications Act 2899 of 1934 as those with the sole or principal purpose of 2900 which is to protect the safety of life, health, or 2901 property; that are provided—by state or local 2902 government entities; or by nongovernmental 2903 organizations that are authorized by a governmental 2904 entity whose primary mission is the provision of 2905 such services; and that are not made commercially 2906 available to the public by the provider. Also 2907 includes services provided by emergency response 2908 providers, as defined in Section 2 of the Homeland 2909 Security Act of 2002. 2910
2911
Public Safety Answering Point 2912
A facility that has been designated to receive 911 2913 calls and route them to emergency services 2914 personnel. A Public Safety Answering Point may act 2915 as a dispatch center. Public Safety Answering Point 2916 is often used with the term Public Safety 2917 Communications Center. 2918 2919
Radio Operator (RADO) 2920
Staffs the Incident Communications Center (ICC), 2921 using radios to receive information and relay 2922 messages. 2923 2924
Reliability 2925
Achieved in public safety land mobile radio systems 2926 through equipment redundancy and minimizing 2927 single points of failures through careful system 2928 design. System operators stock spare parts and, in 2929 some cases, transportable backup systems to restore 2930 system failures that do occur. Reliability must be 2931 considered at the earliest stages of system design. 2932 2933
Redundancy 2934
Additional or duplicate communications assets share 2935 the load or provide back-up to the primary asset. 2936 2937
Resources 2938
Personnel and major items of equipment, supplies, 2939 and facilities available or potentially available for 2940 assignment to incident operations and for which 2941 status is maintained. Resources are described by 2942 kind and type and may be used in operational 2943 support or supervisory capacities at an incident or at 2944 an Emergency Operations Center. 2945 2946
Route Diversity 2947
Communications routing between two points over 2948 more than one geographic or physical path with no 2949 common points. 2950 2951
Social Media 2952
Refers to the means of interactions among people in 2953 which they create, share, or exchange information 2954 and ideas in virtual communities and networks. 2955 2956
Standard Operating Procedures 2957
Generally refers to a reference document or an 2958 operations manual that provides the purpose, 2959 authorities, duration, and details for the preferred 2960 method of performing a single function or a number 2961 of interrelated functions in a uniform manner. 2962 2963
State Preparedness Review 2964
Required by several DHS grants, the THIRA process 2965 helps communities understand threats and hazards 2966 their varying impacts. The THIRA process results in 2967 community-informed capability targets and resource 2968 requirements necessary to address anticipated and 2969 unanticipated risks.[1] https://www.fema.gov/media-2970 library/assets/documents/165308 2971 2972
Strategic Planning 2973
Planning process that establishes organizational 2974 goals and identifies, scopes, and establishes 2975 requirements for the provisioning of capabilities and 2976 resources to achieve them. 2977 2978
2979
82
Statewide Communication 2980
Interoperability Plan 2981
Stakeholder-driven, multi-jurisdictional, and multi-2982 disciplinary statewide plans that outline and define 2983 the current and future vision for communications 2984 interoperability within the state or territory. The 2985 Statewide Communications Interoperability Plan is a 2986 critical strategic planning tool to help states prioritize 2987 resources, establish and strengthen governance, 2988 identify future technology investments, and address 2989 interoperability gaps. 2990 2991
Statewide Interoperability 2992
Coordinator 2993
Serves as the state’s single point of coordination for 2994 interoperable communications and implements the 2995 Statewide Communication Interoperability Plan. 2996 2997
Statewide Interoperability 2998
Governing Bodies 2999
Serves as the primary steering group for the 3000 statewide interoperability strategy. Its mission is to 3001 support the Statewide Interoperability Coordinator in 3002 efforts to improve emergency response 3003 communications across the state through enhanced 3004 data and voice communications interoperability. 3005 They often include representatives from various 3006 jurisdictions, disciplines, as well as subject matter 3007 experts. 3008 3009
Statewide Interoperability 3010
Executive Committees 3011
Used interchangeably with Statewide 3012 Interoperability Governing Bodies. 3013 3014
Tactical Interoperable 3015
Communications Plan 3016
A plan providing rapid provision of on-scene, 3017 incident-based mission critical voice 3018 communications among all first responder agencies 3019 (e.g., emergency medical services, fire, and law 3020 enforcement), as appropriate for the incident, and in 3021 support of an incident command system as defined in 3022 the National Incident Management System. 3023 3024
Tactical Dispatcher 3025
Supports Communications Unit staff with accurate 3026 and timely documentation of events during high-risk 3027 operations, special events and major incidents in 3028 which a command post is activated. 3029 3030
Tactical Dispatch Team (TDT) 3031
Provide on-site communications support during 3032 incidents or planned events. The TDT provides 3033 support to the Incident Commander with accurate 3034 and timely documentation of events during a planned 3035 events and unplanned incidents. 3036 3037
Technical Assistance 3038
Support to state, local, tribal, and territorial 3039 emergency responders and government officials 3040 through the development and delivery of training, 3041 tools, and onsite assistance to advance public safety 3042 interoperable communications capabilities. 3043 3044
Technology 3045
Per the SAFECOM Interoperability Continuum, 3046 applies to a capability element that encompasses the 3047 systems and equipment that enable emergency 3048 responders to share information efficiently and 3049 securely during an emergency incident, and 3050 addresses the functionality, performance, 3051 interoperability, and continuity capabilities of those 3052 systems and equipment. 3053 3054
Telecommunications Service 3055
Priority 3056
A DHS OEC program that authorizes NS/EP 3057 organizations to receive priority treatment for vital 3058 voice and data circuits or other telecommunications 3059 services. See 3060 https://www.dhs.gov/telecommunications-service-3061 priority-tsp. 3062 3063
Threat and Hazard Identification 3064
and Risk Assessment 3065
Required by several DHS grants, the THIRA process 3066 helps communities understand threats and hazards 3067 their varying impacts. The THIRA process results in 3068 community-informed capability targets and resource 3069 requirements necessary to address anticipated and 3070 unanticipated risks. 3071 3072
THSP 3073
Technical Specialists (THSP) is a catch-all term for 3074 outside specialists providing expertise to the 3075 Communications Unit Leader (COML) including 3076 amateur radio, computer network technicians, and 3077 satellite communications (SATCOM). 3078 3079
3080
83
Usage 3081
Per the SAFECOM Interoperability Continuum, this 3082 applies to the frequency and familiarity with which 3083 emergency responders use interoperable emergency 3084 communications solutions. 3085 3086
Vulnerabilities 3087
Weaknesses in a system, network, or asset that could 3088 enable an undesired outcome. 3089 3090
Wireless Priority Services 3091
A DHS OEC program that improves the connection 3092 capabilities for authorized National 3093 Security/Emergency Preparedness (NS/EP) cell 3094 phone users, (e.g., senior members of the 3095 Presidential administration, local emergency 3096 managers, fire, and police chiefs, and technicians in 3097 wireline and wireless carriers, banking, nuclear 3098 facilities, and other vital national infrastructures). 3099 See https://www.dhs.gov/wireless-priority-service-3100 wps. 3101 3102
Whole Community 3103
Per the National Preparedness Goal, the term whole 3104 community applies to the focus on enabling the 3105 participation in national preparedness activities of a 3106 wider range of players from the private and nonprofit 3107 sectors, including nongovernmental organizations 3108 and the general public, in conjunction with the 3109 participation of Federal, state, local, tribal, and 3110 territorial governmental partners in order to foster 3111 better coordination and working relationships3112
84
Appendix 7. Acronyms3113
3114
5G Fifth Generation 3115
AVL Automatic Vehicle Location 3116
C3 Critical Infrastructure Cyber 3117
Community Voluntary Program 3118
CAD Computer Aided Dispatch 3119
CAT Coverage Acceptance Testing 3120
CIO Chief Information Officer 3121
CSIRT Computer Security Incident 3122
Response Team 3123
DHS Department of Homeland Security 3124
EC3 Emergency Communications Center 3125
ECPC Emergency Communications 3126
Preparedness Center 3127
EDXL Emergency Data EXchange 3128
Language 3129
EMS Emergency Medical Services 3130
EOC Emergency Operations Centers 3131
FCC Federal Communications 3132
Commission 3133
FEMA Federal Emergency Management 3134
Agency 3135
GIS Geographic Information System 3136
GRA Global Reference Architecture 3137
HSEEP Homeland Security Exercise and 3138
Evaluation Program 3139
HSGP Homeland Security Grant Program 3140
IAP Incident Action Plan 3141
ICAM Identity, Credential, and Access 3142
Management 3143
ICE U.S. Immigration and Customs 3144
Enforcement 3145
IoT Internet of Things 3146
IP Internet Protocol 3147
IPAWS Integrated Public Alert and Warning 3148
System 3149
IRT Incident Response Teams 3150
ISE Information Sharing 3151
Environment 3152
IT Information Technology 3153
JWPMO Joint Wireless Program 3154
Management Office 3155
LMR Land Mobile Radio 3156
LTE Long-Term Evolution 3157
MAA Mutual Aid Agreements 3158
MCPTT Mission Critical Push-to-Talk 3159
MOA Memoranda of Agreement 3160
MOU Memoranda of Understanding 3161
NCCIC National Cybersecurity and 3162
Communications Integration 3163
Center 3164
NCSWIC National Council of Statewide 3165
Interoperability Coordinators 3166
NECP National Emergency 3167
Communications Plan 3168
NGO Nongovernmental Organization 3169
NG911 Next Generation 911 3170
NHTSA National Highway Traffic Safety 3171
Administration 3172
NIEM National Information Exchange 3173
Model 3174
NIMS National Incident Management 3175
System 3176
NIST National Institute of Standards 3177
and Technology 3178
NPSTC National Public Safety 3179
Telecommunications Council 3180
OASIS Organization for the 3181
Advancement of Structured 3182
Information Standards 3183
OEC Office of Emergency 3184
Communications 3185
P25 Project 25 3186
PSAP Public Safety Answering Points 3187
85
PSCC Public Safety Communications 3188
Centers 3189
PSCR Public Safety Communications 3190
Research Program 3191
PSRC Public Safety Research Center 3192
R&D Research and Development 3193
RAN Radio Access Network 3194
RF Radio Frequency 3195
RICP Regional Interoperable 3196
Communications Plans 3197
SAA State Administrative Agency 3198
SDO Standard Development 3199
Organizations 3200
SHSP State Homeland Security Program 3201
SIEC Statewide Interoperability 3202
Executive Committees 3203
3204
SIGB Statewide Interoperability 3205
Governing Bodies 3206
SOP Standard Operating Procedure 3207
SPR Stakeholder Preparedness 3208
Review 3209
SPR State Preparedness Review 3210
86
3211