Presentation is loading. Please wait.

Presentation is loading. Please wait.

Incident Management Information Sharing Capability Maturity Model

Published byJulian Roberts Modified over 7 years ago

Similar presentations

Presentation on theme: "Incident Management Information Sharing Capability Maturity Model"— Presentation transcript:

1 Incident Management Information Sharing Capability Maturity Model
August 5, 2017 Ronald Langhelm Program Manager First Responders Group Science and Technology Directorate

2 Current Situation Incident Management Information Sharing (IMIS) presents challenges across the full spectrum of responders in large-scale incidents Partners in the incident management/first responder community lack clear direction on optimal ways to discover or share mission- critical information and to objectively assess their capabilities While general guidance materials are available, none provide details specific to an entity’s maturity level as it relates to IMIS DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

3 Requirements for IMIS CMM
Central U.S. Earthquake Consortium Capstone-14 Exercise After Action Report clearly identified the requirement for an IMIS Capability Maturity Model (CMM) “[A] Capabilities Maturity Model would help agencies measure their maturity along a continuum and help to guide their path forward” CMM “could result in significant opportunities to eliminate redundant data entry processes, reduce data entry errors and collect more detailed information” DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

4 Capability Maturity Model (CMM) Defined
CMM is a framework that describes key elements of an effective practice Presents an evolutionary improvement path from an ad hoc immature process to a mature and disciplined process Collection of best practice-based characteristics that assist an organization in identifying competencies and support improvement of processes DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

5 CMM Establishes a Means for Strategic Measurement
Provides an assessment process to benchmark overall performance in a structured and repeatable way Identifies gaps in technologies, processes and governance Serves as a comparison process to the practices of the industry Delivers a basis for an organization to identify their desired functional level Assists in the development of formalized improvements to its processes Provides the opportunity to demonstrate results of improvement efforts DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

6 The IMIS CMM Defined IMIS CMM will enable maturation of incident management-related information sharing processes and capabilities Will improve and broaden sharing of specific information that originates within episodes of incident response and support Addresses IMIS abilities at all levels of government, as well as non-governmental organizations (NGOs) and private sector partners DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

7 IMIS CMM Objectives Foster formalized governance and leadership
Support better-informed first responders through improved interoperability and information agility Provide a logical pathway to technical and functional advancements in IMIS Assist organizations in creating a consistent, nationwide IMIS governance approach, while deriving value from their IMIS investments Support resourcing requests and return on investment analysis Improve information security and integrity, while increasing the technical abilities of incident response DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

8 The IMIS CMM Promotes governance and process over direct technology advancement Provides the ability to assess impacts on operational activities Addresses topics such as leadership, workforce, budget, legal, procurement, etc. Can be used to monitor information sharing progress over time Assists in determining the effectiveness of evolving activities Supports the development of maturity metrics to promote detailed discussions between communities Identifies requirement for development of formal improvement plans DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

9 IMIS CMM Core Elements IMIS CMM Core Elements are derived from five inter-dependent elements of the SAFECOM Interoperability Continuum, which measure the maturity of an organization’s IMIS capabilities: Governance Technology Standard Operating Procedures Training & Exercises Usage Governance - Establishing a common governing structure for solving issues related to incident management, information management and information sharing will improve the policies, processes and procedures of organization by: enhancing communication, coordination and cooperation; establishing guidelines and principles; clearly defining decision rights and roles and responsibilities; and reducing any internal jurisdictional conflicts. Governance structures provide the framework in which stakeholders can collaborate and make decisions that represent a common objective. It has become increasingly clear to the incident management and emergency response community that IMIS and communications interoperability cannot be solved by any one entity; achieving effective and efficient IMIS and communications interoperability capabilities requires a partnership among emergency response organizations across all levels of government. As such, a governing body should consist of SLTT and federal entities, as well as representatives from all pertinent emergency management and first response disciplines within an identified region. Technology   - Technology is a critical tool for improving IMIS and communications interoperability capabilities, but it is not the sole driver of an optimal solution. Successful implementation of technology/tools must be supported by strong governance and is highly dependent on effective collaboration and training among participating organizations and jurisdictions. Technologies should meet the interoperability requirements of practitioners on the front lines while addressing regional needs, existing infrastructure, cost vs. benefit and sustainability. The technologies organizations deploy must be scalable to effectively support day-to-day incidents as well as large-scale disasters. Often, a combination of technologies will be necessary. Security and authentication challenges are present in each technology and must be considered in all implementation decisions. Standard Operating Procedures - Standard Operating Procedures (SOPs) are formal written guidelines or instructions for incident management, information management and information sharing within and across jurisdictions; they typically have both operational and technical components. Established SOPs enable emergency management professionals and first responders to successfully coordinate an incident management/response across disciplines and jurisdictions. Clear and effective SOPs are essential for developing and deploying any IMIS and/or interoperable communications solution. Training and Exercises - Implementing effective training and exercise programs to practice IMIS and communications interoperability is essential for ensuring that the technology works and responders are able to effectively share information and communicate via multiple methods (e.g., voice and data) during emergencies. Usage - Usage refers to how often IMIS and interoperable communications technologies are used. Success in this element is contingent upon progress and interplay among the other four elements on the Interoperability Continuum DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

10 IMIS CMM Maturity Levels
IMIS Maturity Levels provide a maturity categorization across IMIS Core Elements to rate an entity across a 0-5 scale within each element: Level 0: No Capability Level 1: Awareness Level 2: Planning and Development Level 3: Limited Operational Capability Level 4: Extended Operational Capability Level 5: Mature Operating Capability Level 0: No Capability Level 1: Awareness The entity is somewhat aware of the data/information available from SLTT and federal partners and is not certain where or how to obtain access on a consistent or sustainable basis. They operate without established IMIS objectives and their processes and practices are inconsistent and unpredictable with a high risk of variation and deficiency. Deficiencies are not systematically identified and employees’ roles and responsibilities and not defined or documented. Level 2: Planning and Development The entity is actively coordinating with a governing body to build operational capacity for IMIS. Formal planning activities and objectives are in place, but are not yet prioritized or implemented. Incident management processes and practices are dependent on the knowledge of individuals and their personal relationships with others. Initial discussions with information sharing partners regarding the establishment of formal information sharing agreements and protocols are underway, but are not yet documented. The entity is generally aware of the data/information available from SLTT and federal partners but has not developed formal relationships for access. Effectiveness is not adequately evaluated, and defined roles and responsibilities for information management may not be fully documented or understood by all employees. Level 3: Limited Operational Capability Objectives are in place, prioritized and adequately documented. Incident management processes and practices are evaluated on a periodic basis. The evaluation process is not well documented, however. The entity is aware of the data/information available from SLTT and federal partners; it has agreements in place and has documented and uses some formal information sharing agreements/protocols. The entity has defined the Essential Elements of Information (EEIs) required to support operations and is capable of using both static and dynamic EEIs to support daily internal operations. Employees are aware of their documented IMIS roles and responsibilities and are capable of discovering, creating, consuming, publishing, sharing and securing data/information from various internal and external sources into a consolidated daily situational awareness view. Level 4: Extended Operational Capability The entity has an institutionally adopted enterprise-level capability to manage information internally and to share both static and dynamic information with external partners at various levels for operational use. Employees are aware of their documented roles and responsibilities, and technology is applied tactically to ensure the use of predictable and consistent IMIS processes and practices. IMIS objectives are in place, documented, prioritized and reviewed on a periodic basis. Incident management processes and practices are evaluated on a scheduled basis and consistent follow-up addresses identified process deficiencies. Formal information sharing agreements and protocols for all EEIs and other critical data/information are documented and used on a consistent basis. Level 5: Mature Operating Capability The entity is capable of adapting to unfolding incidents/events and providing the appropriate data discovery, sharing, analysis  , and recommendation for decision making. Technology is strategically applied to ensure continuous assessment, monitoring and improvement of the IMIS processes and practices to optimize their enterprise-level capabilities. Employees are aware of their documented roles and responsibilities and are proactively involved in continuous process improvement. Objectives are in place, prioritized, reviewed on a scheduled/continual basis and documented. The evaluation process is well documented and consistent follow-up addresses identified process deficiencies.   DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

11 IMIS CMM Attributes IMIS CMM Attributes further define IMIS Core Elements to refine an organization’s understanding of the maturity level of its incident management operations and information sharing capabilities Used by IMIS CMM to provide means for an entity to complete an IMIS CMM assessment Framework Document Text DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

12 Recent Use Case New Orleans Experiment
S&T deploying new information sharing tools and demonstrating social media technologies/methodologies Developed flood scenario based table-top exercise Technology will be deployed, trained and exercised S&T conducted pre-experiment CMM assessment Full-day experiment conducted in coordination with local stakeholders and partners Awaiting opportunity to conduct post-assessment Framework Document Text DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

13 IMIS CMM Assessment Assessment allows an entity to identify the achieved IMIS CMM Attributes Provides output display of the entity’s current IMIS maturity levels within each Core Element Framework Document Text DHS Science and Technology Directorate | MOBILIZING INNOVATION FOR A SECURE WORLD

Download ppt "Incident Management Information Sharing Capability Maturity Model"

Similar presentations

International Course on Development and Disasters with Special Focus on Health February 10 – 21, 2003: St Anns, Jamaica CDERA Experience in Institutional.

International Course on Development and Disasters with Special Focus on Health February 10 – 21, 2003: St Anns, Jamaica CDERA Experience in Institutional.
Global Congress Global Leadership Vision for Project Management.

Global Congress Global Leadership Vision for Project Management.
HR Manager – HR Business Partners Role Description

HR Manager – HR Business Partners Role Description
BENEFITS OF SUCCESSFUL IT MODERNIZATION

BENEFITS OF SUCCESSFUL IT MODERNIZATION
©2006 OLC 1 Process Management: The Foundation for Achieving Organizational Excellence Process Management Implementation Worldwide.

©2006 OLC 1 Process Management: The Foundation for Achieving Organizational Excellence Process Management Implementation Worldwide.
IS 700.a NIMS An Introduction. The NIMS Mandate HSPD-5 requires all Federal departments and agencies to: Adopt and use NIMS in incident management programs.

IS 700.a NIMS An Introduction. The NIMS Mandate HSPD-5 requires all Federal departments and agencies to: Adopt and use NIMS in incident management programs.
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
Session 121 National Incident Management Systems Session 12 Slide Deck.

Session 121 National Incident Management Systems Session 12 Slide Deck.
Purpose of the Standards

Purpose of the Standards
LEVERAGING THE ENTERPRISE INFORMATION ENVIRONMENT Louise Edmonds Senior Manager Information Management ACT Health.

LEVERAGING THE ENTERPRISE INFORMATION ENVIRONMENT Louise Edmonds Senior Manager Information Management ACT Health.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Chapter 6 6-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Software Engineering Lecture # 17

Software Engineering Lecture # 17
National Science Foundation 1 Evaluating the EHR Portfolio Judith A. Ramaley Assistant Director Education and Human Resources.

National Science Foundation 1 Evaluating the EHR Portfolio Judith A. Ramaley Assistant Director Education and Human Resources.
Commissioning Self Analysis and Planning Exercise activity sheets.

Commissioning Self Analysis and Planning Exercise activity sheets.
Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.

Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.
Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.

Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.
1 Guiding Principles for Nationwide Interoperability A Brief Overview of Recent Efforts and Progress.

1 Guiding Principles for Nationwide Interoperability A Brief Overview of Recent Efforts and Progress.
EGovOS Panel Discussion CIO Council Architecture & Infrastructure Committee Subcommittee Co-Chairs March 15, 2004.

EGovOS Panel Discussion CIO Council Architecture & Infrastructure Committee Subcommittee Co-Chairs March 15, 2004.
National Incident Management System (NIMS)

National Incident Management System (NIMS)

Similar presentations

Ads by Google