VISIT TO FEMA

Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 STAT Next 2 Page(s) In Document Denied Iq Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 EMERGENCY OPERATIONS ? EICCIAEICC ? OFFICE OF READINESS PLANNING S OPERATIONS ? OFFICE OF INFORMATION RESOURCES MANAGEMENT ? OFFICE OF PROGRAM SUPPORT ? OFFICE OF OPERATING SYSTEMS DEVELOPMENT ? OFFICE OF OPERATIONS ANALYSIS S CONTROL ? OFFICE OF FACILITIES MANAGEMENT TRAINING $ EDUCATION DIRECTORATE OFFICE OF REGIONAL OPERATIONS U.S. FIRE ADMINISTRATION I OFFICE OF ARSON PREVENTION AND CONTROL H y OFFICE OF FIRE FIGHTER HEALTH AND SAFETY NATIONAL EMERGENCY TRANING CENTER OFFICE OF NATIONAL FIRE DATA EMERGENCY MANAGEMENT INSTITUTE OFFICE OF FIRE RESCUE SERVICE MANAGEMENT IMPROVEMENT NATIONAL FIRE ACADEMY I OFFICE OF CURRICULUM S PROGRAM COORD S EVALUATION OFFICE OF ADMIN SUPPORT DEPUTY DIRECTOR EXECUTIVE DEPUTY DIRECTOR FEDERAL INSURANCE ADMINISTRATION NATIONAL PREPAREDNESS PROGRAMS DIRECTORATE STATE S LOCAL PROGRAMS & SUPPORT DIRECTORATE RESOURCE MANAGEMENT S ADMINISTRATION DIRECTORATE OFFICE OF OFFICE OF SCIENCE NATURAL S OFFICE OF INSURANCE ADVISOR TECHNOLOGICAL PERSONNEL H OPERATIONS HAZARDS PROGRAMS OFFICE OF OFFICE OF OFFICE Of OFFICE OF DISASTER POIMY ANALYSIS RESOURCES ASSISTANCE ADMINISTRATIVE H $ TECH. SERVICES PREPAREDNESS PROGRAMS SUPPORT OFFICE OF OFFICE OF OFFICE OF OFFICE OF INSURANCE CIVIL y EMERGENCY ACQUISITION SUPPORT PREPAREDNESS MANAGEMENT MANAGEMENT SERVICES PROGRAMS OFFICE OF MOBILIZATION PREPAREDNESS OFFICE OF RESEARCH REGIONAL DIRECTORS I 11 IN IV V VI BOSTON NEW YORK PHILADELPHIA ATLANTA CHICAGO DALLAS EXECUTIVE ADMINISTRATION OFFICES OF: ? PUBLIC AFFAIRS ? CONGRESSIONAL RELATIONS ? INTERNATIONAL AFFAIRS ? EQUAL OPPORTUNITY ? SECURITY OFFICES OF: ? THE INSPECTOR GENERAL ? THE GENERAL COUNSEL ? SPECIAL PROGRAMS ? PROGRAM ANALYSIS A EVALUATION ? COMPTROLLER Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 ORGANIZATION FEDERAL EMERGENCY MANAGEMENT AGENCY VII VIII IX X KANSAS CITY DENVER IsAN'FRANCISC4 SEATTLE ?  -----~ 1 NEED FOR AN INTEGRATED ' FEDERAL i CIVILSECURITY PROGRAM MASTER FFBD No. 1 CIVIL SECURITY PROGRAM 01 REVIEW LEGAL AUTHORITIES REVIEW AND EVALUATE CURRENT PROGRAM REVIEW AVAILABLE RESOURCES REVIEW CURRENT TECHNOLOGY REVIEW HISTORICAL RECORDS REVIEW EXISTING GUIDANCE VALIDATE AUTHORITIES F h ESTABLISH REQUIREMENT FOR TIES VALIDATE AUTHOEW EFFECTIVENESS OF PROGRAMS 7 B I ESTABLISH d REQUIREMENT FOR NEW 1B GUIDANCE 4 VALIDATE EXISTING AUTHORITIES Declassified in Part - Sanitized Copy Approved for Release 2011/12109: CIA-RDP89BO133OR000600870001-6 ESTABLISH PROGRAM ELEMENTS ISSUE FPC/FPG UNDER CURRENT LAW/EO ESTABLISH EXECUTIVE ATHORITY REQUIREMENT ESTABLISH LEGISLATION REQUIREMENTS I ESTABLISH 4 DOD FACILITY REQUIREMENT I ESTABLISH 1 CIV. FACILITY REQUIREMENT DEVELOP THREAT REQUIREMENT ESTABLISH ADVISORY SUPPORT REQUIREMENT DEVELOP DEVELOP f OBITf PRIVATE SECTOR POLICY I ESTABLISH INFORMATION REQUIREMENT DEVELOP DRAFT LEGISLATION DEVELOP FUNDING IMPLICATIONS T. VALTA C EY FA LIT, L VA LIDATE VALIDATE FP CPPG FPCIFPO IS SUE ISSUE NE W NEW FP C/FPG FPC/FPG REVISE EXISTING EXECUTIVE ORDERS CHANGE EXECUTIVE EXECUTE ORDERS NEW ED BASED ON EXISTING LAW RECEIVE OMB APPROVAL ENACT LEGISLATION ESTABLISH LIST MAINTENANCE PROCEDURES DEVELOP FEDERAL DEPT. PROGRAM PREVENT TECHNOLOGY LOSS BY ESPIONAGE SA ESTABLISH ESTABLISH EXERCISE PREV SECURITY RESOURCE OBTAIN STATE S AND ENT MAJ VALIDATE ESTABLISH CRITERIA REQUIREMENTS & RESPONSIBILITIES PARTICIPATION EVALUATE a OR DISRUPTION LOB MEANS LIST DOD SUPPORT FACILITY UST ESTABLISH INSPECTION/ y SUPERVISORY RESPONSIBILITY OBTAIN PRIVAT L E ESTABLISH AGENCY i RESPOND ESTABLISH INTELLIGENCE CIVILAN NEEDS PARTICIPATION 4 EFFECTIVELY TO A MAJOR GATHERING FACILITY LIST DEVELOP DISRUPTION RESPONSIBILITY THREAT INDICATORS/ WARNING 9 ESTAB CONT LISH ROL DEDICATE HARDWARE CRITE RIA ESTABLISH IN-HOUSE PROGRAM MGMT DEVELOP SYSTEM SOFTWARE OBTA IN NCS/T SUPP IWG ORT PROCURE NEW HARDWARE DEVELOP CONGRESSIONAL CONSTITUANCY ESTABLISH r PROGRAM MANAGEMENT REQUIREMENT DEVELOP PS RESPONSIBILITY RECOMMEND- ATIONS Declassified in Part - Sanitized Copy Approved for Release 2011/12109: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 F,ENIA Civil Security Functions and Information R~gtrirA&WOts March 1983 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 FEMA Civil Security Functions and Information Requirements March 1983 This document was prepared by the MITRE Corporation for the Federal Emergency Management Agency, Civil Security Division under contract EMW-C-1035. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Page LIST OF ILLUSTRATIONS LIST OF TABLES EXECUTIVE SUMMARY iv v vii 1. INTRODUCTION 1-1 1.1 Purpose and Objectives 1-1 1.2 Scope 1-2 1.3 Approach 1-3 1.4 Report organization 1-3 2.1 Background 2-1 2.2 FEMA Civil Security Roles and Responsibilities 2-4 2.3 Civil Security Information Management as a Microcosm 2-6 3. ANALYSIS OF FEMA CIVIL SECURITY FUNCTIONS 3-1 3.1 Functional Overview 3-1 3.2 Pre-Event Preparedness Functions 3-4 3.3 Trans-Event Response Functions 3-15 3.4 Post-Event Recovery Functions 3-20 4. INFORMATION REQUIRED TO SUPPORT FEMA CIVIL SECURITY FUNCTIONS 4-1 4.1 Classes of Information Requirements 4-1 4.2 Pre-Event Information Needs 4-1 4.3 Trans-Event Information Needs 4-17 4.4 Post-Event Information Needs 4-21 5.. INFORMATION PARAMETERS AND CONSTRAINTS 5-1 5.1 Attributes of Civil Security Information Requirements 5-1 5.2 Pre-Event Phase 5-4 5.3 Trans-Event Phase 5-23 5.4 Post-Event Phase 5-38 APPENDIX A - GLOSSARY A-1 iii Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Figure Number Page 2.1 CIVIL SECURITY SEGMENT OF FEMA INFORMATION SUPPORT MECHANISM 2-7 2.2 NATIONAL RESOURCE SYSTEMS OF CIVIL SECURITY CONCERN 2-9 3.1 FUNCTIONAL CONCEPT OF FENA CIVIL SECURITY MISSION 3-2 3.2 PRE-EVENT PREPAREDNESS FUNCTION 3-5 3.3 TRANS-EVENT RESPONSE FUNCTIONS 3-16 3.4 POST-EVENT RECOVERY FUNCTIONS 3-21 4.1 MAJOR CLASSES OF INFORMATION REQUIREMENTS 4-2 4.2 FEDERAL RESPONSIBILITIES FOR NATIONAL RESOURCE SYSTEMS 4-4 4.3 CATEGORIES OF EXTERNAL THREAT ASSESSMENT DATA REQUIRED BY CIVIL SECURITY 4-6 4.4 INFORMATION REQUIREMENTS FOR CONDUCTING RISK ANALYSES OF NATIONAL RESOURCE SYSTEMS 4.5 RISK ANALYSIS INFORMATION MODEL, WITH EXAMPLE Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Table Number Page P.1 TASKING THE PROVIDERS OF THREAT ASSESSMENTS 5-5 P.2 SYNTHESIS OF AVAILABLE THREAT ASSESSMENT PRODUCTS 5-6 P.3 RISK ANALYSIS 5-8 P.4 POLICY DEVELOPMENT 5-9 P.5 PLANNING GUIDANCE 5-11 P.6 PLANS REVIEW AND EVALUATION 5-12 P.7 PROGRAM COORDINATION 5-14 P.8 INITIATE PROPOSED NSC/LEGISLATIVE ACTION, AS WARRANTED 5-16 P.9 ADVISORY ASSISTANCE 5-18 P.10 LIAISON WITH CIVIL SECURITY COMMUNITY (FEDERAL AGENCIES/STATE/PRIVATE SECTOR) 5-19 P.11 REPRESENT FEMA ON INTERAGENCY CS COMMITTEES/ GROUPS/TASK FORCES 5-21 P.12 TRAINING/TEST/EXERCISE/GAMING SUPPORT (CS-RELATED ASPECTS) 5-22 P.13 PERIODIC STRATEGIC NET APPRAISALS OF CIVIL SECURITY 5-24 T.1 VERIFICATION OF OCCURRENCE 5-26 T.2 WARNING/ALERTING NOTIFICATION 5-28 T.3 DECISION SUPPORT 5-29 T.4 DECISION IMPLEMENTATION ACTION 5-32 T.5 INTERIM COORDINATION OF IMMEDIATE EMERGENCY ACTIONS 5-33 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 --  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 LIST OF TABLES (Concluded) Table Number Page T.6 INITIATE EXECUTION PLANNING/ASSET MOBILIZATION/READINESS FOR RECOVERY 5-35 T.7 CONGRESSIONAL AND PUBLIC AFFAIRS UPDATE 5-36 T.8 BAND-OFF/TRANSITION TO FEMA RESPONSE MANAGEMENT PRINCIPALS 5-37 R.1 ASSIST FEMA EICC/OEO AND STAFF ELEMENTS 5-39 R.2 ASSESS CONTINUING FOLLOW-ON CS THREAT 5-41 R.3 MONITOR RECOVERY PdASE ACTIVITIES/PROGRESS 5-42 R.4 DEVELOP AFTER-ACTION LESSONS LEARNED 5-43 R.5 REAPPRAISE/ADJUST POLICY, PLANS, PROGRAMS 5-45 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 ,  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 EXECUTIVE SUMMARY The Federal Emergency Management Agency (FEMA) is the focal point within the federal government for dealing with a wide spectrum of emergencies affecting the United States in peace and war. It has a central role in both domestic and national security emergencies ranging from natural and technological disasters through nuclear attack. One of its mission areas falling midway on the emergency spectrum is civil security. The organizational element of FEMA principally involved is the Civil Security Division of the Office of Mobilization Prepared- ness under the'National Preparedness Programs Directorate. A growing awareness of the functional dimensions and operational complexity of the mission made it increasingly apparent that existing information handling arrangements were inadequate, and that significant improvements were necessary if all of the diverse responsibilities of civil security were to be ful- filled. Accordingly, as part of a larger task to assist FEMA in developing an overall National Emergency Management System (NEMS), The MITRE Corporation was requested to give priority attention to a component sub-system of NEMS that would provide data and information management support expressly for civil security. The present report documents the results of this initial effort. Purpose and Approach The basic task objective is to identify and define the informa- tion requirements of the FEMA civil security mission. In order to reach that objective, specific answers are sought for the following questions: o What are FEMA's responsibilities with respect to civil security? o What functions are performed to discharge those responsibilities? o What information is required to support each of the functions? o What are the associated parameters and constraints of the needed information? The analytically derived findings that answer these questions in detail are contained in the body of the report. Salient highlights are summarized below. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 .__  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 FEMA Civil Security Responsibilities The scope of FEMA s civil security mission is broad. It covers a variety of measures to reduce the risks and potential con- sequences of disruption caused by deliberate acts of terrorism, civil disorder, sabotage, and subversion. This includes responsibilities for mitigation, preparedness, response, and recovery - and the coordination of related activities among other federal agencies, the States and local governments, and numerous private sector organizations. The mission is cast in a comprehensive time frame: pre-event, trans-event, and post-event. And it is concerned with the entire span of vital national resource systems, such as, electric power, telecom- munications, transportation, food and water, governance, and public health.. FEMA Civil Security Functions MA's civil security functions can be divided into three broad time phases: (1) pre-event preparedness; (2) trans-event response; and (3) post-event recovery. A total of 26 essential functions has been identified throughout all three periods. By far the largest number, amounting to 13, is found in the pre-event preparedness phase. These are on-going functions performed on a continuing oasis under normal conditions. They include all those activities of a prudential nature undertaken in anticipation of any civil security incident prior to its occurrence. They are projected toward the future, with tae aim of enhancing prevention, mitigation, preparations for, response to, and recovery from such incidents should they materialize. These pre-event functions mainly address: threats and risks; policy, plans, and programs; coordination and liaison; legisla- tive and interagency matters; and training and exercises. Trans-event response functions focus on the actual emergency at hand, and are therefore largely extempore, unique to a par- ticular event, and of relatively short duration. Depending on scenario circumstances, most are temporary, and some might be concurrent, truncated, or omitted entirely. Direct participa- tion by civil security staff personnel may be brief, confined only to the early stage until the FEri& response management principals can take over. Among the eight functions identified for this time phase, the major ones are: warning notification; providing various forms of decision support, including monitor- ing and assessment; decision implementation and interim opera- tional coordination; plus initiating execution planning, mobilization, and readiness for recovery. The fewest number of civil security functions occur in the post-event recovery phase. They are oriented to ancillary Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 support of those FEIMA elements having primary responsibility for recovery management. Of the five functions identified, the most notable are: staff expertise and advice on residual threats and risks; special liaison regarding civil security; and drawing lessons learned from the emergency experience. Information Requirements to Support Civil Security Functions The foregoing civil security functions were then subjected to further analysis to determine the kind and extent of informa- tion required in order to perform tnem. The results of this analysis reveal that a total of approximately 145 major cate- gories of information is needed for all of the functions: some 83 types are essential for the pre-event preparedness func- tions; 40 types during the trans-event phase; and 21 in the post-event recovery phase. Most of these information require- ments, moreover, are cast in generic terms, each category embracing a considerable breadth and depth of substantive content. Much of tnat information, by its nature, has to be obtained piecemeal or in increments from many different sources, and then must be aggregated syncretically before it can be utilized. Clearly, the volume and variety of informa- tion demands posed by the civil security functions imply a correspondingly sizeable and complex systems capability to acquire, process, and exchange the large quantities of data involved. Information Parameters and Constraints Finally, the functional information needs were examined at the next level of detail and characterized in operational terms. Each requirement item was analyzed according to the following attributes: source, security classification, frequency, accessibility, and application. It was founa in the majority of instances that multiple sources must furnish the informa- tion; sometimes ten or more contributing agencies are involved. Security classification, even within a given infor- mation category, tends to run the gamut from unclassified through top secret, and often beyond into the compartmented levels. Frequency of need for information, and of its updat- ing, ranges from hourly or daily to quarterly and annually, with many of the entries indeterminate because of scenario dependency. In general, those requirements pertaining to pre-event func- tions permit a more structured flow of information. There is usually less urgency and longer intervals between updates. During an actual civil security incident, however, the informa- tion processes are likely to change dramatically. In such a Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 trans-event phase, the need and currency are dictated by situa- tional imperatives that are inherently unpredictable -- varying with the nature, scale, and pace of the emergency as it unfolds. For certain types of information, the desired fre- quency, on both counts, then approaches real time. In the post-event recovery phase, the time-sensitivity of some infor- maton, though diminished, nevertheless remains relatively acute. Here again, frequency depends on the circumstances surrounding the recovery situation itself. FEMA's access to the different types of information may be routine, limited, or on an ad hoc basis, that is, only case by case upon request. Overwhelmingly, throughout all three phases, accessibility of most categories should be routine, while roughly a fifth would be limited in one way or another, and about 10 per cent ad hoc. The last parameter was the application of the required information when received, defined in terms of whether it is used by and within FE4A or becomes part of an output product. Some of the information types fall into both classes. For all functions and information require meats, the ratio between internal and output applications is found to be on the order of three to one. These output pro- ducts, however, are disproportionately critical, for they embody and articulate FEi4A's civil security management role in practice. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 1. INTRODUCTION At the time of its establishment, in 1979, the Federal Emer- gency Management Agency (FEMA) was assigned responsibility for an "all hazards" approach to disaster mitigation, preparedness, response, and recovery in the United States. In carrying out this mandate, the Agency tries to provide the vital ingredients for comprehensive emergency management--spanning the full spec- trum from local disasters to nuclear war and extending through all levels of government and the private sector. One of the vital ingredients in comprehensive emergency manage- ment is the development of information systems designed to sat- isfy both the mission requirements of FEMA as a whole and those of its separate components. The basic goal that FEMA has set for itself is the establishment of a National Emergency Manage- ment System (NEMS) and its correlative integrated information systems architecture. In its efforts to achieve this goal, the FEMA management has requested the assistance of The MITRE Cor- poration, an organization that has specialized in the develop- ment and utilization of advanced information systems. As a part of this larger task, MITRE was asked to concentrate initial attention on one of FEMA's component missions--the preparation for and response to major civil security threats and incidents. The present report records the results of this initial study. 1.1 Purpose and Objectives The basic purpose of this study is to review the FEMA civil security mission requirements and to identify the data and information needed to fulfill these requirements. More spec- ifically, the study is aimed at the following four questions: Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 o What are FEMA's responsibilities with respect to civil security? o What functions are performed to discharge those responsibilities? o What information is required to support these civil security functions? o What are the associated parameters and constraints of the information? The answers to these questions are documented in this report. Its contents present the substantive findings and recommenda- tions resulting from the study effort, and the product consti- tutes the "Requirements Book" called for in the sponsor's statement of work. 1.2. Scope The Scope of the FEMA Civil Security Mission is quite broad, covering efforts to reduce the consequences of major acts of terrorism, civil disorder, sabotage, and subversion. It includes actions aimed at mitigation, preparedness, response, and recovery--and the coordination of these actions among Federal, State, and local governments and numerous organiza- tions in the private sector of society. It deals with these actions in a comprehensive time frame: pre-event, trans-event, and post-event. And it is concerned with protection of the entire range of national resource systems--including all the lifeline systems (electric power, telecommunications, and transportation, as well as water, petroleum, natural gas, and waste disposal pipelines) and food, raw materials, industrial production, finance, public health, governance, and people (civil society). These various dimensions are taken into account in the subsequent analysis of the information func- tions, needs, and resources essential for the fulfillment of the FEMA civil security missi o2n. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 1.3 Approach The key members of the MITRE staff assigned to this project have had extensive previous contacts with FEMA and its prede- cessor agencies and have drawn on this background of experience in formulating and conducting the present analysis. This previous experience provided basic knowledge of the structure and functions of FEMA. This basic knowledge was augmented and refined in a series of interviews with staff members of the Civil Security Division and other relevant FEMA.components. These initial fact gathering interviews, in turn, were supple- mented by reinterviews wherein the "straw man" briefing tech- nique was utilized to test the applicability, relevance, and usefulness of the central ideas developed for this study. This involved. the presentation of the conceptual framework and central ideas to key FEXA staff members and--based on several interactive iterations-the progressive refinement and elabora tion of this conceptual framework and body of ideas. These data were further supplemented by an extensive and detailed review of numerous documents pertaining to FEMA as a whole and to the responsibilities and mission of the Civil Security Division. 1.4 Report Organization The subsequent chapters of this report are devoted to a detailed presentation of the analyses dealing with the FEMA civil security mission requirements and the corresponding data and information management needs. Chapter 2 begins the anal- ysis with a review of the FEMA civil security mission and with the notation that. this analysis has broad applicability for other FEMA mission areas. Chapter 3 presents an analysis of Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 FEMA civil security functions in relation to pre-event pre- paredness, trans-event response, and post-event recovery phases. Chapter 4 details the types of information needed*to support FM civil security functions during each of these three time phases. Finally, Chapter 5 deals with various attributes of the needed information in terms of source, sec- urity classification, frequency of need and update, access- iblity, and application. Beginning in Chapter 3, the reader will note that an internal coding scheme has been incorporated into the text, figures, and tables. The contents of this report were reproduced, at the request of the sponsor, on a Wang word processor Diskette as an added product of the research effort. The code is based on an alpha-numeric key designed to facilitate machine access and retrieval of the substantive findings according to any pre- selected combination of system features and their related information properties. A detailed explanation of the key is presented below. The first element of the code is a letter designating the respective time phase, as follows: "P", for Post-event Preparedness; "T", for Trans-event Response; and "R", for Post-event Recovery. The next element is an ordinal number corresponding to one of the discrete civil security functions performed within a given phase; thus P.5 refers to the fifth pre-event function. The third character is a letter indicating the particular information requirement associated with a specific function; thus T.4.B represents the second information requirement for the fourth trans-event function. The final element is a number in parentheses denoting one of the five parameters relating to a particular functional information Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 requirement. An example drawn from the report that illustrates the full code would be R.2.C.(4), which translates into: R, the "Post-event Recovery Phase"; 2, the function cited is "Assess Continuing or Follow-on Threat:, C, the information requirement specified for that function is "Projected Risk Analysis Estimates"; and (4) the parameter of the required information pertains to "Accessibility". Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 2. FEMA CIVIL SECURITY MISSION 2.1 Background Prior to the formation of the Federal Emergency Management Agency, there was no mechanism for coordinating all civil security emergency planning, management, mitigation, and assis- tance fuctions of the Federal Establishment. On August 25, 1977, President Carter authorized a reorganization study of Federal emergency preparedness and response programs. A special task force of the President's Reorganization Project was established to review the then-current status of those programs and to recommend appro- priate organizational remedies. One on the principal foci of attention in this task force was the wave of hijackings, kidnappings, bombings, and assassina- tions around the globe that seemed to signal an increase in the frequency and violence of terrorism and other civil disorders. The final summary report of the President's Task Force on Federal Emergency Preparedness and Response recommended a com- prehensive reorganization by consolidating existing agencies and additional responsibilities into a single, independent Executive Agency accountable to the President and to Congress for all Federal mitigation, preparedness, and response activi- ties. Among the specific recommendations was one dealing with the Federal response to the consequences of terrorist incidents: Experts on terrorism charge that Federal organization for dealing with terrorist incidents is insufficiently compre- hensive. Specifically, they express concern over the lack of a focal point for coordination of the Federal response to meet such potential consequences of terrorist action as significant resource disruptions and physical damage. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 The Project finds that such a focal point is lacking, and recommends that responsibility to coordinate vulnerability analysis and preparedness measures to mitigate the conse- quences of terrorism should be assigned to the new agency. (Task Force on Federal Emergency Preparedness and Response, President's Reorganization Project, Summary Report. Washington, D.C.: Executive Office of the President, June 19, 1978.) The consolidation of existing emergency preparedness and response agencies into a single new agency called the Federal Emergency Management Agency was accomplished by Reorganization Plan No. 3, submitted to the Congress by President Carter on June 19, 1978. In his transmittal message, the President also noted that responsibility for the Federal response to the con- sequences of terrorist incidents--a new function not then assigned to any specific agency-would subsequently be assigned to the new Agency. That assignment was made in Executive Order 12148, which charged.FEMA with responsibility for "the coordi- nation of preparedness and planning to reduce the consequences of major terrorist incidents". That same Executive order gave FEMA much broader authority for handling emergencies than existed in its predecessor agencies. The "all hazards" mission of FEMA is clearly stated in the following sections of that Executive Order: 2-101. The Director of FEMA shall establish Federal policies for, and coordinate, all civil defense and civil emergency planning, management, mitigation, and assistance functions of Executive agencies. 2-102. The Director shall periodically review and evaluate the civil defense and civil emergency functions. of the Executive. agencies. In order to improve the efficiency and effectiveness of those functions, the Director shall recommend to the President alternative methods of providing Federal planning, management, mitigation, and assistance. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 2-203. For purposes of this Order, "civil emergency" means any accidental, natural, man-caused, or wartime emergency or threat thereof, which causes or may cause substantial injury or harm to the population or substan- tial damage to or loss of property. (Executive Order 12148, July 20, 1979.) Additional authority on the subject of civil security was given to FEMA in two other Executive Orders. Executive Order 10421 provides for the physical security of facilities important to the national defense to include "security against sabotage, espionage, and other hostile activity and other destructive acts and omissions" not attributable to military defense or combat or to the dispersal and post-attack rehabilitation of facilities. The Director of FEMA is given broad authority to prescribe policies and programs governing activities of Federal agencies; developing and promulgating standards; assigning facilities to Federal agencies; approving or revising security ratings established by the Department of Commerce; reviewing physical security programs of Federal agencies; and keeping the President informed about the physical security of the facili- ties and furnishing him with appropriate recommendations. Executive Order 11490 consolidates the assignment of emergency preparedness functions to various Federal departments and agencies. The Director of FEMA is assigned responsibility for determining national preparedness goals and policies for the performance of emergency preparedness functions by Federal departments and agencies and in coordinating their performance with the total national preparedness program. FEMA also is directed to provide guidance to Federal departments and Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 .,yam,..  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 agencies and to evaluate their emergency planning and prepared- ness activities. 2.2 FEMA Civil Security Division Roles and Responsibilities Following the establishment of FEMA, these various authorities and responsibilities were delegated to the Civil Security Divi- sion, located in the National Preparedness Programs Direc- torate's Office of Mobilization Preparedness. The basic mis- sion of the Civil Security Division is to coordinate the Federal Government's preparations for and response to civil security threats and incidents. This includes responsibilities for transforming national objectives and federal policy into planning guidance for the Federal. Government's activities aimed at avoiding or mitigating the consequences of acts of ter- rorism, civil disorder, sabotage, and subversion. This involves requesting and receiving threat estimates; evaluating their impact on civil security programs; coordinating the production of vulnerability and consequence estimates for the various threats; reviewing and coordinating the civil security planning development of the executive agencies; and performing periodic appraisals of the government's civil security readi- ness posture. The major generic functions of the Civil Security Division- officially recognized by FEMA--include the following: o Conceptualizes and develops policy options for the Director of FEMA on the activities required to avoid *For other, more basic, authority on the civil security mission, see Pompan and Murray, A Practice Guide to the Legal Authorities for Reducing Widescale Consequences of Incidents Caused by Deliberate Manmade Acts, Washington, D.C. 1983. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 or mitigate consequences resulting from acts of terrorism, civil disorder, sabotage, and subversion. o Prepares and promulgates Federal planning guidance to implement the approved policy. o Reviews existing authorities for civil security programs and recommends changes or new authorities, as appropriate. o Develops civil security programs and reviews Federal, State, and local government and private sector plans to avoid or mitigate the consequences of civil security incidents. o Coordinates the development of vulnerability and consequence estimates for each of the national resource systems (energy, transportation, food, etc.). Ensures that appropriate threat information is received and acted upon by other responsibile agencies. o Funds research relating to the mission and functions of the Civil Security Division. Develops procedures to ensure the exchange of civil security information between scientific and technical groups and Federal, State, and local agencies. o Recommends procedures for reviewing, evaluating, and improving the Federal Government's civil security preparedness. Prepares reports on the efficiency and effectiveness of the Federal civil security program for inclusion in the Director's annual report to the President. o Develops the "lessons learned" from incidents and exercises, and coordinates recommendations for necessary changes in policies and programs. o In coordination with the Information Resources .Management Office,'develops a management information system that will effectively support civil security objectives. o Represents the Federal Emergency Management Agency in meetings where civil security issues are discussed. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 o Participates with other FEMA components and other Federal agencies in the design and conduct of exercises to test emergency procedures and plans for dealing with civil security incidents. o Develops coordination procedures between Federal, State, and local governments and the private sector for the exchange of civil security information. 2.3 Civil Security Information Management as a Microcosm These and other specific functions of the Civil Security Division are subjected to detailed analysis in the following chapter. Before turning to that analysis, however, it should be noted that the civil security functions of FEMA comprise only one segment of the total FEMA information management system. The analysis that follows focuses attention exclu- sively on the civil security domain but should be viewed in a wider context of the information support mechanism needed for the conduct of all FEMA emergency management activities. Figure 2.1 depicts the overall National Emergency Management System (HEMS) and the civil security mission within that sys- tem. The civil security domain comprises only one segment of the larger NEMS. Despite certain unique features, it can serve as a microcosm of similar information management requirements characterizing other FEMA mission areas. As a microcosm of the larger system, civil security shares the following characteris- tics with most of the other mission areas: o The actors involved in emergency mitigation, pre- paredness, response, and recovery plans, programs, and operations are numerous and diverse. As shown in Figure 2.1, they include the President and the White House Staff, other Federal Agencies, the FEMA regions,. the States and local jurisdictions, and many agencies in the private sector. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 o The audiences with whom FEMA must communicate in carrying out its missions are similarly numerous and diverse, both in terms of input and output information. o The types of information required pertain to func- tions in all emergency time phases-pre-event miti- gation and preparedness; trans-event response; and post-event recovery. o All activities must be closely coordinated internally and externally--with both governmental and nongovern- mental agencies. o Persons responsible for carrying out mission respon- sibilities must be prepared to act in both a routine and in an emergency or crisis mode. The sudden shift from routine planning activities to emergency opera- tions places a premium on organizational adaptiveness and flexibility. o Risk assessments and vulnerability and consequence analyses are essential in structuring mission activi- ties and in determining key informational requirements. o The national resource systems of civil security. concern (see Figure 2.2) are also of concern to all other mission areas. They cover the gamut of ele- ments essential for societal survival and continuity and thus require continuing attention and protection. o Education and training programs, the conduct of tests and exercises, and the continuing critical evaluation of actual emergency operations are essential for achieving the requisite coordination of effort among relevant agencies and for developing an enhanced state of readiness. In the light of these similarities, the subsequent detailed analysis of the information needed for handling civil security functions can be viewed as a prototype for studying other FEMA mission areas and for developing the overall architecture of the FEMA National Emergency Management System. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 J O Z O M O J F-{ CL W. C.) O I -- C, CD W H C H Cr3 < J a J n-~ < Co < W H 1-f W = D cC I- W < y D 3 Z m 3 H ti CL C0 s CD 2-9 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 3. ANALYSIS OF FEMA CIVIL SECURITY FUNCTIONS Inherent in the broad scope of the civil security mission is a wide variety of roles played by FEMA. Most of these roles are of complex dimensions, some with many ramifications. The fol- lowing analysis, identifying the different kinds of component activities that must be carried out, reveals the range of dis- crete functions essential to accomplishing one or another aspect of the overall mission. Not every function, by any means, is actually executed by the Civil Security Division alone. Many are performed by or with substantial assistance from other FEMA staff elements, or by other Federal agencies or even the States and local jurisdictions. The role of the Civil Security Division is one of initiation, coordination, over- sight, and general orchestration, to ensure that all of the functions are in fact fulfilled. 3.1 Functional Overview A salient feature of the civil security mission is the sheer number of functions involved. Depicted schematically in Figure 3.1 is a macro-view showing the total functional universe of FEMA civil security. It is intended to be comprehensive and embraces the full spectrum of major functions to be performed throughout the successive stages of the entire management process relating to the,civil security mission area. The functions displayed are arranged in successive groups from left to right along the horizontal axis according to three time frames. Those appearing in the first, or pre-event prepared- ness phase, are generic functions performed on a continuing basis under conditions of normalcy. They are of a contingency nature and include all conceivable preparatory measures that Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 EXTERNAL. I1111TS FNOIt OUISIOE FEMA 1- - - - - - TeuaT Asusushut ,ESTIMATIVE "POSTS I TWO INT111I$INCE COMMON/TV. AID Other sauces, 1 Including Upduetl I (I.e., Flamhed I I Products) I IPI PRE-EVENT PNEPANI SS ICo1TI11ois ON-to1M Fercllortl P.1 TNUaT IOi.tNaulw iasguMs P.2 STuuUSIs use CS-uuui TMatAT ASSESSMENT P.3 RISS Alatvsis P.4 Potlcs DEVEterius is CS P.6 Pta111Ne 6eloaec1 P.S. Ptaes REVIEW AN EVHeATIO1 IPuuauiwllcaciuillscovtss ) P.7 PaNNsM CMpIUTIM IPoolieluoNl MI TIILIIONllkCOSTITII/III P.S INITIATE PROMSte NSCIUsIS&ATIVE ACTION. AS WNNAIIIN P.S MVIMRV ASSISTANCE P.10 EIa1664 Milo FtiE AL AuiIEs. S1AT[t 11NOVS110 P.11 Ruustu FEMA ON IMlteaeuicv CS CMMIllus/6MiPsS1asr foects P.12 IRA/11MITss;SIEuuaciu/16AM11o (CS ASPECTS 1111) P.13 PEslalc STSaltelc NET APPuAI$ats of STATE of CS 'vial' U1_JI *IIS-E T NESPOYSE IAt Hoc Eueu1CY-SPtciIlc FONCTIONs) 1.1 VEUf ICAT1o1 1.2 NASMINOIAttUTINS NOTIfiC*TIM 1.3 Dsclsisa SurrosT (SiTYATION. IwiIcAl1ON$. OPTIONS SIC.) 1.4 Dtcisio1 INPtlNIa1ATIM T.6 INVEST* MANASEUMT COORDINATION - ENgUEMCV RESPONSE ACTIONS T.6 INITIAU PIAMINOIAsuT IlosutIlATION Fee Rtcovuas 1.7 CMs.sssloN*L AMD Poetic AFF1les INNATE 1.8 Mauo-Oiiilaaasiiio1 t0 FENA RESPONSE PRINCIPALS WAS OCCUR Eaitltsl IFEEORAEXI ill Pl T-Eyu1 oIbVENY IAICI1 aeV MAuasENENT SOPPMT FvSscilst1 2.1 Assisi FENA EICC is STArr 1111111$ 2.2 Muss CoTT11INIFOLLw-00 b"AlfRtu 2.3 MOTION Atco ISY Luau PRMSEss 2.4 OlyltN AFTthAcn1ON llssous LEARNER 11.5 81APPsAISEIA83esl POLICT. PLANS. Psiaaas FUNCTIONAL CONCEPT FEMA CIVIL SECURITY MISSION (Emergencies Resulting from Terrorism, Civil Disorder, Sabotage, Subversion) Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 might be taken in anticipation of any civil security incident prior to its occurrence. Those grouped in the second time frame, the trans-event response phase, are the ad hoc emergency-specific functions performed in real time when such an incident actually happens. Triggered by the event itself, they are acute, usually compressed in time, and, depending on scenario circumstances then prevailing, may be of relatively short duration before giving way and melding into the functions of the next phase. This last set, associated with the post-event time frame, marks an indefinite period. It repre- sents those ancillary civil security functions attending the restoration and clean-up operations to recover from the conse- quences of an incident. The basic dynamics of this three-stage process can be viewed as a single grand cycle closing upon itself, one where the last function links again with the very first. Within each time frame, the functions are also arrayed generally in descending order along the vertical axis. The sequence, however, reflects logical relationships as much as chronology. There is considerable overlap among them. Some of the functions are performed concurrently, while many others generate feedback affecting preceding ones. Together they form a coherent continuum that unfolds more or less incrementally as shown. This, however, may not always be the case. Under some conditions, the sequence of functions may be compressed, trun- cated, or inverted. Discussion of the individual functions themselves will be deferred to subsequent sections immediately following. There, each function is described in detail for all three time phases in turn. As shown in Figure 3.1, there is an obvious time-skewed pattern to the functional distribution. Overwhelmingly the greatest number of functions take place during the first, or pre-event ? 3-3 _ Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 preparedness phase. The number diminishes markedly in the second, or trans-event phase. By far the least are found in the final, or post-event phase. The explanation for the decrease is that once such an emergency has materialized there are few civil security-unique functions remaining. On a majority of occasions the response and recovery demands con- fronting FEMA are likely to be little different from those posed by similar disruptions irrespective of cause. The conse- quences of a critical bridge collapsing, for example, are fundamentally the same whether the result of terrorist demoli- tion, natural disaster, or accident. Most management func- tions, therefore, would devolve upon appropriate elements of FEMA normally responsible for recovery activities in the after- math of any emergency situation. Civil security considerations then become peripheral compared to the main task of recovery itself. 3.2 Pre-event Preparedness Functions (P) The pre-event phase is a continuous on-going process that includes all of FEMA's management activities addressed to future civil security contingencies. The object is to enhance prevention, mitigation, preparation for, response to, and recovery from such incidents before they occur. Figure 3.2 identifies the specific types of functions involved. Each is described in further detail in the sections below. 3.2.1 Tasking the Providers of Threat Assessments (P.1) The process begins with threat. FEMA is not in the intelli- gence business, but is a user of finished threat assessment products obtained elsewhere. It relies on external inputs from the intelligence community and other sources to acquire the needed assessments, as well as updates and amplification. For 3-4 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 EXTERNAL DIPM FROM OuTsIDE FEMA INTtILIStNCt TNREAT L AtG[NNNtNT PROOSCTS -~ ? TNREAT Ys TARscTS/ATTACE TYPEIVULNERASIIITY/POTENTIAL CONSESUENCts - DISiCNINATION. As APPROPRIATE US GOVERNMENT NATIONAL OuccTlrtsIINTERtsts I PLANS INFORMATION FRO1 I I FEDERAL AstiC299. STATSS.I I INDUSTRY I I FEDERAL AGENCits. STATES. (P) PRE-EVENT PREPAREDNESS (CONTIN000R ON-GOING FUNCTIONS) P.1 TASKING OF THREAT INFORMATION PROVIDERS (EEI) P.2 STNTNtsIS OF AVAILASLE THREAT ASSESSMENT INTELLIGENCE PRODUCTS P.3 RISK ANALYSIS P.11 POLICY DtrtloPN[NT It CS (GOALS. RES-ouszSZLMIS. ROLES. ANTNORITY) P.S PLANNINi GUIDANCE (CoictPTS. DOCTRINE. STANDARDS) P.G PLANS REVIEW AND EVALUATION (PREVENTION. REACTION. RECOVERY) - Ellsttset. COMPLIANCE WITH GuIDAStt. ADEQUACY/ INPLENINTANILITY - CONFLICT RESOLUTION P.7 PROGRAM COORDINATION - PHYSICAL SECURITY (PRtvENTIouIPROTECTIoMISAKiuAROs) - HAZARD REDUCTION U.S.. CONCtAI4ENT. HAsotMINS) ? DAMAGE LISITATIONIEFFECTS MITIGATION U.S.. CONTAINMENT. REDUNDANCY) - RESPONSE - DIRECTION AND CONTROL MECHANISM - PROetDNREs P.9 ADVISORY ASSISTANCE ? TECHNICAL THREAT DEVELOPMENTS (E.G.. NEW EXPLOSIVE DEVICES) SECURITY TECHNOLOSY DEVELOPMENTS U.S.. NEW PENETRATIOM SENSORS) P.10 LIAISON WITH FEDERAL AGENCIES/STATES/TNDUSTRY RE CS MATTEPV P.11 REPRESENT FEMA ON INTERAGENCY CS COMMITTEES/GROUPS/TAGS FORCES P.12 TRAINING/TESTS/EXERCISESIGANINI (CS ASPECTS ONLY) P.13 PERIODIC STRATtlIC NET APPRAISALS OF CS - THREAT LEVELICLIMATE/TRENDS - CS CAPASILITIES/POSTUREIREAOINtS$ FIGURE 3.2 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 civil security purposes, the tfireat information derived from sources outside FEMA may be regarded as strategic intelli- gence. It serves as the premises.on which most of the pre-event functions are predicated. The first function (P.1), accordingly, is the tasking by FEMA of those organizations that are in a position to supply threat assessment information. This presumes that prearranged autho- rity to do so exists. The tasking may be in the form of requests for formal estimative products analagous to a National Intelligence Estimate (NIE), but dealing with civil security threats, or to a Special National Intelligence Estimate (SNIE) focusing on a particular aspect of a given threat. In addi- tion, FEMA might also levy standing requirements cast in a form similar to Essential Elements of Information (EEL) to guide those who acquire threat information. Provisions must also be made for periodic, spot, and by-exception reporting of signi- ficant new items bearing on the threats as they develop. 3.2.2 Synthesis of Available Threat Assessment Products (P.2) The second function is one of aggregation, collation, and integration of the threat assessment information coming from multiple external sources. It has to be organized and inter- preted into a master current assessment expressly tailored to the needs and interests of civil security. For a full appre- ciation of the threat, common patterns must be recognized, trends inferred, and forecasts extrapolated. These second order implications are the driving factors that determine how and where the threat intelligence should be exploited to enhance national civil security. They motivate and shape all aspects of preparedness. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 3.2.3 Risk Analysis (P.3) Based on the threat assessments, the next function is to analyze what they mean insofar as risks posed for national resource systems. All that is known about a given threat has to be matched against the resource systems that it might disrupt. Then, each such combination of threat vs. system must be examined in terms of: o Types of targets likely to be struck o Probable attack mode employed o Vulnerability and susceptibility of those targets to such attack o Potential consequences expected or possible if the postulated threat action succeeds. Each of the above dimensions of risk analysis constitute major subfunctions in their own right. Many of them, however, would be performed in large part by others in coordination with the FEMA Civil Security Division. 3.2.4 Policy Development for Civil Security (P.4) One of the most important functions is formulating national policy with respect to civil security matters. Since the civil security community is so large and pervasive, with many dif- ferent participating agencies, echelons of jurisdiction, and private sector organizations involved, there is need for a coherent and comprehensive body of U.S. Government policy establishing common national aims and priorities. A concomi- tant of setting policy goals is allocating roles, missions, and authority governing who is assigned which tasks and objectives, along with defining the responsibilities and prerogatives attendant thereto. The function of FEMA in this regard is to Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 help initiate, develop, and coordinate such national civil security policy, and once adopted, to promulgate and implement it. The function applies equally to amendment or amplification to existing policy. 3.2.5 Planning Guidance (P-5) This function is essentially the issuance of strategic direc- tion and terms of reference for the development of civil secu- rity plans or annexes to plans. Central management at the national level is necessary to ensure that the resulting family of plans is compatible and the plans reinforce one another. The guidance stems largely from the preceding policy function. Depending on the agency concerned, the plans to be drawn can pertain to any phase or aspect of civil security operations, from prevention and mitigation, through preparedness, to response and recovery. FEMA, besides levying the requirements for such planning, provides the concepts and premises on which it will be based, outlines the doctrinal principles its sub- stance should reflect, and establishes criteria and standards to be met. Other instructions may also be given, such as identifying critical areas where planning coordination is needed between agencies. 3.2.6 Plans Review and Evaluation (P.6) Effective preparedness requires quality assurance of civil security plans. A mosaic of separate yet interrelated plans must be produced by the various Federal departments and agencies, by the States and localities, and by private sector organizations. They would differ in content, purview, and application. An important FEMA function, therefore, is to see to it that, individually and collectively,these plans take into Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 account and adequately provide for every contingency need oeariag upon civil security. The first step is determining wnetner required plans exist, and if so, their status. They must then be reviewed for compliance with current policy and FEMA guidelines, and be evaluated from the viewpoints of completeness, currency, appropriateness, and feasibility. Missing plans must be'developed, and any gaps, problems, or conflicts within or between plans must be recon- ciled. The function is essential to a sound planning struc- ture, national in scope and accommodating all civil security requirements waatever the action level or scenario circumstance. The large number of plans involved will undoubtedly require the delegation of a portion of this function. such delegated review and evaluation, as well as the major planning products that result, would oe subject to oversight by FEMA. 3.2.7 Program Coordination (P.7) The program coordination function is multidimensional and complex. It may be regarded as a set of parallel but sepa- rately performed functions. There is virtually an unlimited number and variety of potential programs, or distinct program increments, to contend with, though not all are being actively pursued at present. They can range the gamut of preparatory measures directed toward reducing vulnerability, improving response capability, or lessening the disruptive consequences when an incident occurs. Characteristically, many participants are involved in implementing them. The national focal point for coordinating and managing all such programs is FEMA. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 Physical Security is a broad program area containing several major components. It embraces prevention, protection, and safeguards against disruptive acts. The measures and means are designed to deter or preclude successful attack, or to counter and defeat it if attempted. Illustrative examples, either currently underway or. projected, are: o Emplacement of barriers and perimeter fences o Surveillance devices and alarms o Patrols o Tactical teams to eliminate or neutralize threats A complementary program area is hazard reduction, such as con- cealment or hardening of sensitive facilities and critical sys- tem elements. An example might be to put emergency operations centers underground, or to install failsafe equipment, such as automatic sprinklers wherever flammable or volatile substances are concentrated. Another closely related program pertains to damage limitation and mitigation of immediate effects stemming directly from an attack. This. could be, for example, redundant or backup facilities, modular configuration and dispersed sit- ing of components, or containment features to minimize collat- eral damage. The latter is extremely important for certain inherently inviting and exposed targets where any initial destructive impact is likely to be escalatory, triggering wide- spread chain reactions. A case in point is POL tank farms--or storage depots for explosives. These attractive, high-value targets of opportunity, particularly if located within or in proximity to congested urban and industrial centers, call for special program attention on civil security grounds alone. The program could, among other things, encourage construction codes 3-10 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 requiring revetments and levees around such installations, or zoning ordinances to isolate them geographically. Other programs are oriented mainly to enhancing the civil security infrastructure and its capacity to respond. They provide for better organization and training, upgraded facili- ties, and acquisition of necessary resources, including person- nel, equipment, and supplies. A more general program area of FEMA that has direct utility for civil security purposes is the development of direction and control mechanisms at every response level. This applies particularly to telecommunica- tions and information management systems. An additional response program, though not formally defined as such, emphasizes emergency action procedures, which apply to civil security emergencies in common with other types. There is also currently underway a program covering all aspects of civil security relating to maritime ports. It represents in micro- cosm the entire civil security mission. Presumably other analagous applications programs will follow. In sum, program coordination is a constellation of functions, each keyed to its respective program. It may be expected that over time the total agenda of civil security programs under FEMA purview will expand. 3.2.8 Initiate Proposed NSC or Legislative Action (P.8) As the civil security environment evolves and policies and strategy change, there will be need for new authority, modifi- cation or clarification of existing charters, or other basic institutional adjustments regarding the civil security struc- ture and process. At issue might be jurisdictional ambiguity Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 or statutory constraints impeding FEMA's civil security mis- sion. Initiating, coordinating, and advocating such proposals, whether to be acted upon by the Executive Branch at the White House level or by Congress, is a function of the FEMA civil security staff. It is the Agency's organizational element having the relevant expertise, subject competence, and respon- sibility. Thus, in conjunction with the legal counsel, it would, formulate, develop, and coordinate any proposed execu- tive orders, directives, or laws affecting its sphere. This includes preparing the supporting rationale and testimony to justify the proposed action before the National Security Council or Congressional committees. By extension, the func- tion also includes similar staffing vis-a-vis regulatory boards and commissions. 3.2.9 Advisory Assistance (P.9) Advising the civil security community is a general function. Advice might be requested or volunteered, and could cover a wide range of topics. One specific area'would be technology. FEMA is in a unique position to serve as the central clearing- house for maintaining and exchanging technical information regarding civil security. As part of its responsibilities in this mission area, it could advise all parties concerned on current and emerging technical developments with respect to threat capabilities, such as new explosive devices and toxic agents or sophisticated new skills and techniques employed in perpetrating terrorist acts or sabotage. On the other hand, it could also advise on developments in technology designed to thwart threats, such as new penetration sensors and surveil- lance devices or new methods of fire suppression and bomb dis- posal. In addition, advice might also be provided on new vulnerabilities being incurred in national resource systems 3-12 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 because of technological advances, such as the introduction of sensitive and critical control equipment. None of the above excludes other, more basic kinds of advisory assistance. This could be in the form of recommended organiza- tional and procedural solutions for dealing with local problems or special circumstances. 3.2.10 Liaison with Federal Agencies, States, and Private Sector Organizations (P.10) The liaison function is essential for establishing and main- taining rapport with the civil security community at large. The purpose and scope are broad and flexible, rather than cir- cumscribed. It is performed through informal dialogue directly between the FEMA civil security staff and counterpart elements of key agencies and, at times, selectively with state officials and with certain private sector organizations having a major role in the national resource systems. The mutual exchange of information allows FEMA to keep abreast of what is happening throughout the community and to recognize latent or emerging problems and opportunities that might not otherwise become apparent. Conversely, members are apprised of developments elsewhere that may have implications for them. Such open channels promote cooperation generally, and when occasion demands, can facilitate coordination to deal with specific matters of immediate concern. 3.2.11 Represent FEMA on Interagency Civil Security Committees (P.11) At any given time there are a number of interagency committees, panels, and task forces set up to address civil security issues. One'of the functions of the FEMA civil security staff 3-13 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 is to serve as the agent of FEMA, presenting its views, posi- tions, and recommendations is the deliberations of these groups. This function includes performing all the staffing preparations and coordination, both internally within FEMA as well as externally with other agencies affected and other interested parties. It may involve extensive interactions with many levels of FEMA's civil security constituency, at the Federal, State, local and private sector levels Achieving con- sensus beforehand on controversial points could be critical to the favorable outcome of such interagency proceedings. 3.2.12 Training, Tests, Exercises, and Gaming Support (P.12) This function refers to a standing' requirement to provide special expertise in support of, or to participate in, any training, tests, exercises, and simulation gaming wherever civil security is involved. It could include assisting in the development, planning, or conduct of such activities, as well as managing their execution and evaluating the results. What the function consists of and how it is performed, therefore, vary considerably insofar as the kind and extent of demands placed on the FEMA civil security staff. 3.2.13 Periodic Strategic Net Appraisals of Civil Security P.13 From time to time, FEMA must produce strategic net appraisals of the state of the nation's civil security. Basically the function is overall assessment of conditions with respect to threat, vulnerabilities, and capabilities. Included would be an estimate of the threat climate in terms of its current level, salient characteristics, and perceived trends. A cor- relative estimate would address significant vulnerabilities presently existing in national resource systems, their suscep- tibility to attack, and the disruptive effects likely to 3-14 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 ensue. There would also be an accompanying estimate of civil security capabilities, posture, and readiness to cope with the threats, along with vulnerability reduction measures underway or planned. Finally, summary conclusions would be drawn as to the prospects for responding to such emergencies and recovering from their potential consequences. The function provides a vital service, not only in support of senior executives and decisionmakers, both in FEMA and the Administration, but also may have value for Congress and the public. 3.3 Trans-event Response Functions (T) The trans-event response phase commences when a threat mate- rializes and a civil security incident occurs. By definition, it focuses on the event at hand and, therefore, the functions are ad hoc, performed in real time, and are emergency- specific. Figure 3.3 presents schematically a description of the major functions carried out during this phase. Normally the functional sequence would be triggered abruptly by the first awareness by FEMA that something has happened relat- ing to civil security. However, as the dotted area appearing in the Figure 3.3 diagram igdicates, there may sometimes be advance tactical warning that an event is imminent, thus pro- viding lead time. The functions would then begin immediately upon receipt of such warning. It should be noted that the duration and extent of civil security involvement is scenario-dependent. On most occasions it is expected to be relatively brief, lasting only until the regular FEMA apparatus for response management is marshalled and can take over. Hence, the civil security staff may not be directly involved in all of the functions listed.- 3-15 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 (T) TRANS-EVENT RESPONSE (AD HOC EMERGENCY-SPECIFIC FUNCTIONS) T.2 WARNING/ALERTING NOTIFICATION (INTRA-FEMA AND EXTERNAL. E.G.. WHSR) T.3 DECISION SUPPORT - DAMAGE ASSESSMENT - IMPACT/CONSEQUENCES PROJECTION (SCOPE. SEVERITY. DURATION) - SITUATION MONITORING/ANALYSIS (STATUS REPORTING) - RESPONSE-REACTION OPERATIONS MONITORING - PRELIMINARY REQUIREMENTS ESTIMATES - BRIEFING FEMA/EOP DECISION MAKERS (FACTS AND IMPLICATIONS) - OPTIONS/COURSES OF ACTION DEVELOPMENT AND RECOMMENDATION - RECOMMEND AUGMENTATION OF EICC/ACTIVATION OF EMERGENCY ACTION TEAM T.5 INTERIM COORDINATION OF IMMEDIATE EMERGENCY ACTIONS (RESCUE. EVACUATION. DAMAGE. CONTROL. LIFE AND PROPERTY PRESERVATION) T.6 INITIATE EXECUTION PLANNING/ASSET MOBILIZATION/READINESS FOR RECOVERY T.8 HAND-OFF/TRANSITION TO FEMA RESPONSE MANAGEMENT PRINCIPALS (MAY OCCUR AT ANY EARLIER STAGE. DEPENDING ON SCENARIO) 3-16 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 The individual functions are discussed in the sub-sections immediately following. Selected details explain and amplify each 'of them in turn. 3.3.1 Verification of Occurrence (T.1) The essential first function is to verify that a reported civil security incident has indeed occurred. A vital component of that function is establishing basic facts: what happened, where, and how serious does the event appear to be?_ Initial characterization and sizing estimates are critical as to whether many of the subsequent steps should be taken. The report could be a false alarm, or the incident may be only of local significance. On the other hand, a seemingly trivial event may be seen from the national perspective as bearing the seeds of a major emergency. 3.3.2 Warning and Alerting Notification (T.2) The next function is a crucial one. All of the agencies, officials, and watch centers having a direct need to know must be warned that an emergency exists. Among those to be immedi- ately notified, for example, would be the FEMA Emergency Infor- mation Coordination Center (EICC) and the Director and senior executives of FEMA, the White House Situation Room (WHSR), the National Military Command Center, the FBI operations center, other relevant departments and agencies, and perhaps certain State governments. Also to be alerted as a second priority would be those agencies and organizations likely to be affected in one way or another by the event or its aftermath. This could include private sector elements, such as the transporta- tion carrier industry or telecommunications companies. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 3.3.3 Decision Support (T.3) A vital function of the trans-event phase is the multifaceted one of providing decision support, which shapes the kind of operational response that is taken in connection with the inci- dent. The function consists of its own sequence of functional steps. As outlined in figure 3.3, the series of component sub-functions comprises the following: o initial assessment of the emergency event in terms of immediate casualties and damage incurred, based on the information available o Estimated direct impact on national resource systems and projected consequences, including the probable scope of disruptive effects, their severity, and duration o Monitoring the current situation on scene and updating status changes, along with analysis of reported information o Monitoring the current response-reaction operations underway on scene to cope with the incident o Preliminary estimates of resources required to respond to the event o Briefing decisionmakers in FEMA and senior executives of the Administration on the facts and implications of the event o Developing strategy options and proposed courses of action to deal with the emergency o Recommending augmentation of the EICC and activation of FEMA emergency action teams to manage response activities. 3.3.4 Decision Implementation Action (T.4) This function sets in train the course of action adopted. It involves preparing and issuing orders and instruction tasking all of the agencies and organizations responsible for carrying 3-18 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 out the response operations decided upon. The function is time-sensitive, and different kinds of instructions may have to be given to many agencies. 3.3.5 Interim Coordination of Immediate Emergency Action (T.5) In the interim, before the full response is implemented, some urgent crisis actions of immediate priority may have to be executed as soon as possible. These could be, for example, rescue and evacuation operations to save lives, damage control to prevent the situation from getting out of hand and turning into a large-scale catastrophe, and a variety of other efforts to preserve life and property. The function of coordinating such immediate actions at the outset of the emergency may temporarily have to be performed by the FEMA civil security staff. 3.3.6 Initiate Execution Planning, Asset Mobilization, and Readiness for Recovery (T.4) Another function that civil security may temporarily have to perform is to begin preparations for recovery operations. Depending on the scenario, delay might prove costly. The func- tion could include getting execution planning started, seeing to it that mobilization of necessary manpower and resources is underway, and initiating an appropriate state of readiness generally. Again, a considerable number of agencies and organ- izations might be involved. The staffing and coordination task would be correspondingly large and subject to time pressures. 3.3.7 Congressional and Public Affairs Update (T.7) In any emergency there is always a great demand for information from many quarters. In collaboration with the EICC, the civil security staff would input that information, through briefings and status reports, to the FEMA Congressional relations staff 3-19 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 and the public affairs office. The latter would process and release it through their own channels to their respective audiences. The FEMA civil security staff would not itself deal directly with the news media or members of Congress. 3.3.8 Hand-off and Transition to FEMA Response Management Principals (T.8) This function marks the termination of civil security's direct role in response management. Presumably at this stage, FEMA's regular response management principals would be actively taking over and in charge. The transition could come quite early in the emergency -- indeed could be the first step taken in the trans-event period. As soon as the hand-off was effected, civil security would retire to the background and eater into the next phase, where its post-event recovery functions become relatively peripheral to the main stream of FEMA activity in relation to the emergency. 3.4 Post-event Recovery Functions (R) In tae final phase, during post-event recovery, civil security is relegated to a subordinate role. Relatively few functions that are uniquely of a civil security nature remain to be performed. Most of the recovery responsibilities fall in other mission areas of FEMA, and the civil security staff is more or less on standby, though it does provide certain ancillary sup- port to recovery management. Depending on scenario, some of these residual functions can nonetheless be important and of considerable scale. Figure 3.4 depicts the sequence of typical post-event recovery functions expected to be performed. Each is discussed in further detail in the subsections below. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 (R) POST-EVENT RECOVERY .(ANCILLARY MANAGEMENT SUPPORT FUNCTIONS) R.1 ASSIST FEMA EICC AND STAFF ELEMENTS - PROVIDE CS STAFF EXPERTISE. AS REQUIRED - MAINTAIN LIAISON WITH CIVIL SECURITY COMMUNITY R.2 ASSESS CONTINUINGIFOLLOW-ON CS THREAT - RISK ANALYSIS (OTHER TARGETS. VULNERABILITY. CONSEQUENCES) - ADVISE ALL CONCERNED (INTRA-FEMA AND EXTERNAL) R.3 MONITOR RECOVERY PHASE ACTIVITIES/PROGRESS (APPRISE INTERESTED AGENCIES) R.4 DEVELOP AFTER-ACTION LESSONS LEARNED - SUBSTANTIVE PROBLEMS ENCOUNTERED - SYSTEMS DYSFUNCTIONALITIES EXPERIENCED R.5 REAPPRAISE/ADJUST POLICY. PLANS. PROGRAMS FIGURE 3.4 POST-EVENT RECOVERY FUNCTIONS 3-21 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 3.4.1 Assist FEMA EICC and Staff Elements (R.1) A post-event function performed on a sustained basis is to pro- vide timely specialized staff support regarding civil security matters to the EICC, the Office of Emergency Operations (OEO), and other elements of FEMA whenever such expert assistance is required. Many of the recovery operations can have significant civil security implications, and recovery management must take these considerations into account. Another aspect of the same function is maintaining active liaison with those agencies and organizations of the civil security community that may have continuing interest in the emergency event or may be affected by or have a role in recovery. An example would be law enforcement to prevent looting, or to cordon off dangerous areas. Much of the necessary coordination of this kind could be accomplished via such specialized liaison between the civil security staff and other groups involved in the recovery process. 3.4.2 Assess Continuing or Follow-on Threats (R.2) A given emergency event confronting FEMA may be only one in a series of incidents, or part of a concerted larger campaign of threat actions to follow. Accordingly, an essential civil security function is intensive risk analysis to identify other vulnerable targets that might be affected, and also to estimate the likely consequences if these too were to be struck. In some senarios, this could be an extended iterative process requiring interaction with many agencies and organizations. The products of the risk-analysis function would be dissemi- nated to all concerned, within FEMA and externally. The resulting alert notification might prove critical to those in charge of security for the national resource systems in particular. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 3.4.3 Monitor Recovery Activities and Progress (R.3) In the post-event phase, this function would be a continuation of the earlier monitoring of the emergency situation, but on a more summary level, and tracking the general progress of recovery operations. It would be performed derivitively, based on the primary monitoring being done by other elements of FEMA. The object is for the civil security staff to keep itself abreast of developments, and for it to apprise all other interested parties in the civil security community on the status of recovery. 3.4.4 Develop After-action Lessons Learned (R.4) The experience gained in the course of the event offers a unique opportunity for drawing lessons that can be of great value for future emergencies. An important civil security function, therefore, is to reconstruct what happened, based on its active involvement, and see what can be learned. Evidence must be gathered and analyzed relating to all aspects of the emergency, from mitigation and preparedness prior to its occur- rence through response and recovery. Things to look for would be problems encountered, both substantive and procedural. Attention should be given to identifying achievements as well as deficiencies, with special emphasis on systems performance. Structural dysfunctionalities may be revealed that might other- wise not be detected. Existing policy, plans, and organization can also be examined for adequacy and appropriatness. The potential benefits of such post mortem evaluations should be exploited to the fullest. 3-23 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 3.4.5 Reappraise and Adjust Policy, Plans and Programs (R.5) The final post-event function is the feedback that closes the loop, leading again to the, pre-event phase. In light of the lessons derived from the previous function, the FEMA civil security staff is now in a position to reappraise and, where necessary, adjust,. refine, or amplify policy, plans, programs, and all the other functional components of its mitigation and preparedness mission. The kind and extant of adjustment resulting from this last function would depend on the nature of the event just concluded and the significance attributed to that experience. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 4. INFORMATION REQUIRED TO SUPPORT FEMA CIVIL SECURITY FUNCTIONS An essential step in the development of any operational infor- mation system is the translation of organizational functions into the types of information required to fulfill these func- tions. This chapter identifies the information needed to support the pre-event, trans-event, and post-event civil security functions discussed in the previous chapter. 4.1 Classes of Information Requirements Figure 4.1 briefly outlines the major classes of civil security information requirements by time phases. These and other more specific information requirements will be discussed in greater detail in the subsequent sections. 4.2 Pre-event Information Needs Identifed in this section are the categories of information required to fulfill the essential civil security functions during the pre-event mitigation and preparedness phase. 4.2.1 Tasking the Providers of Threat-Assessments (P.1) To acquire threat assessment products and other essential ele- ments of information (EEIs), FEMA must have the authority to levy information requirements-on relevant agencies and organi- zations in the intelligence community. Correspondingly, Civil Security Division personnel must be fully cognizant of the various statutes, executive orders, and memoranda of under- standing that give them this authority. But the possession of this authority is not sufficient to ensure that the threat information will be obtained. In addition, civil security personnel must be fully aware of the range and types of threat data that can be made available to FEMA. This requires the Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 .CLASS SES OE-INFORMATION REQUIREMENTS PRE-EVENT THREAT RISK ANALYSIS NATIONAL POLICY PLANS PROGRAMS TECHNOLOGY T ANS-EVENT ALERTINGIWARNING POINTS OF CONTACT SITUATION ON-SCENE RESPONSE RECOVERY REQUIREMENTS ST-EVENT RECOVERY PR06RESS HISTORICAL RECORD FIGURE 4.1 MAJOR CLASSES OF INFORMATION REQUIREMENTS Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 maintenance of point-of-contact rosters for the primary intel- ligence, security, and law enforcement agencies, both public and private. It also requires a set of standard operating pro- cedures (SOPs) for guiding the query-response transactions involved in gaining access to the relevant data bases. Thus the key information requirements for this function are as follows: P.1.A Existing FEMA Authority for Levying Threat EEIs (Statutes, Executive Orders, Memoranda of Understanding) P.1.B Roster of Threat Assessor POCs (Intelligence Community and Others) P.1.C Query-Response SOPs Where the authority for levying threat EEIs does not exist, FEMA must initiate the necessary action to establish such authority (see section 4.2.8). 4.2.2 Synthesis of Available Threat Assessment Products (P.2) The variety of sources that must be tapped in formulating threat assessments is illustrated in Figure 4.2. This shows that a coverage of threats to the various national resource systems requires contacts with over 30 other Federal agencies in addition to the intelligence community at large. Thus one of the difficult tasks that the FEMA Civil Security Division must perform is to collate and synthesize many different EEI inputs in developing its threat assessments. The following categories of information are needed to fulfill this function: P.2.A Source of Threat (Identity and Nature) P.2.B Historical Profile (Objectives, organization, Linkages, Support) Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 ItLE VAN T I EPAS TNE NT/ AGEN CY IS ri ~ F s _~ ~ F O S ; NATIONAL IESOUV[ ~' W ?? 4 6? M C M SSTEM .1 P . d 3 Petrolelw/NOtaral Ge x x x Electrlc Power x x x x x Telecmwnlcotlent x x x x x x Transportation x x x X x x x x x X voter (Potable. Indus- trial. Agricultural) X x x x x Food x "to Disposal X x x indwtrlal Prodwctlaa F- x x x x Dow Nuterlols/Stro- a teolc Stockpiles x x x x Finance (Nmetary, credit) x x x x x PWlic Wealth x x Governance x Societal Processes X x X ff x x x PRIMARY FEDERAL SOURCES OF THREAT INFORMATION ON NATIONAL RESOURCE SYSTEMS Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 P.2.C Method(s) of Operation (Tactics, Targets, Time Frames) P.2.D Capabilities (Deployable Strength, Technical Skills, Resources) P.2.E Geographic Data (Base of Operations, Staging Points, Pre-positioned Assets) P.2.F Recent Activities (Type, Periodicity, Patterns/Trends) P.2.G Extrapolation/Forecasts of Possible Threat Action The complexity involved in this process is further illustrated in Figure 4.3. It shows, at the next level of detail, the major categories of data needed for these threat assessments, including some of the key data elements that must be taken into account in the evaluation of the threats. 4.2.3 Risk Analysis (P.3) The development of risk analyses is a complicated process. It requires the mobilization of data on current civil security threats, and on the national resource systems at risk and their interdependencies. It also requires data on the likely targets for disruption, on the likely modes of attack, on the vulner- ability of various targets, and on the potential consequences of an attack in terms of primary and secondary effects, seve- rity, scope, and duration. The following information is needed to support this function: P.3.B National Resource System Descriptions (Structural Configuration and Operational Characteristics) P.3.C Interdependencies among Systems Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 =?ORCE Sr TMREAT NISTOSICAI hum IkTm*ISI Si OPERATION CAPAOIIITits NEC[MT ACTlgtiu$ 6EMRwMIi DATA ? NAuu A?YERSARY 6 ? 6ROw ? TACTICS ? Dipiova.LE ? hIMA?T IIA?E ROr- OsuucTlrt? ? EwloUU? TIME FIAML ? STREM?iM TECNNICAL ? a OPERATIONS Srs?so.POCttL SNIILS ? LEYuu w LOCATIOrt ? OONIsITC ? OR?Ar11AT1?NAL - NATIONAL - LOCAL itRrctrRE Sums ? OI?ARSATI? I ? Lial Isaias Sushi hurts ? 6sow$ S?rsctls) of ? $"POST -RinARt TYPES N TAR?ETS FIGURE 4.3 CATEGORIES OF EXTERNAL THREAT ASSESSMENT DATA Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 P.3.D Likely Target Types for Disruption, by System (Critical Nodes/Choke Points, Essential Elements, Key Personnel) P.3.E Applicable Attack Modes (Demolition, Arson, Seizure, Chemical/Biological, Etc.) P.3.F Vulnerability Appraisals (Target Accessibility, Exposure, Value vs. Attack Feasibility/ Probability) P.3.G Potential Consequences Estimates (Primary Impact/Secondary Effects) - Severity, Scope, Duration Figure 4.4 expands on these requirements, showing some of the detailed information needed under each component for analyzing risks to the various national resource systems. Figure 4.5 outlines a requirements model showing the kind of algorithm that can be used for such a risk analysis and postulates an example illustrating its application in a hypothetical case, namely, risks to bridges and tunnels in the railway transportation resource system. 4.2.4 Policy Development (P.4) In its role as a developer and coordinator of policy, FEMA must be aware of relevant civil security issues that need policy resolution or clarification. This requires knowledge of admin- istration decisions, directives, and statements on goals, interests, and priorities. The sometimes overlapping Federal responsibilities, roles, and authorities (see Figure 4.2) must also be understood, and the views of interested parties must be solicited as input to any policy development. The following information requirements are encompassed in this civil security function: Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 a 3 ? W i ? s r i W S ? S ? W W 1~ r a eF y~ ~ y W N p = $ : Y x 2 W W W a 1 1 y~ IX W a i a s on, s i a' we a% ? s on, yi F'. V ? W O W I W + r?. W ? .. . . . . ? ? ? . . ? .0 I o as Y : 1 w r. . i A a M a # 30 a ?. _ 20, r ? 3 s : i r S 4 1 . a ?~ r f i p i O = eN S - ? N 1~ . 6 h 4 i t ? ? ? ? ? ? ? ? ? ? . ? ? ? ? ? ? ? ? I Y ? 49 W N 40 r i i s a 44 00, Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 ? - f w a s Z W < a a - w W - W - w s - ? * I , i -1 a 1 1 1- - - .6 96 VO w i\ ,. - 1 ? ? s W - a w WMA ? a ? w 46 a rai ? 1- i to s w - - ~ a W a Y S s a r= r I W O W w O iii ? W ? W m s a- i 1511 M ? w aas~a3aa a~ ;>E ' 1 W O ? W Ir w Iwo a a - a W ? J ? Y - W - S S ? so 4y? O ? s a a a W J i O 10 O s a ? s a - Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 P.4.A Administration Statements/Decisions/Directives on National Civil Security Goals, Interests, Priorities P.4.$ Nature and Background of Issue(s) Needing Policy Resolution or Clarification P.4.C National Resource System(s) Affected P.4.D Agencies Involved P.4.E Statutory Imperatives and Constraints (Responsibilities, Roles, Authority) P.4.F Relevant Existing Policy and Memoranda of Understanding P.4.G Views of Major Parties Concerned P.4.H Policy Implementation Requirements 4.2.5 Planning Guidance (P.5) The Civil*Security Division provides guidance in the develop- ment of plans for dealing with threats to the national resource systems. As the information requirements below indicate, this guidance must take into account national strategies, the range of potential threats, and agency responsibilities and capabilities: P.5.A National Policy Posture (Administration Strategy, Concepts, Desiderata) P.5.B Statutory Mandates (Executive Orders, Legislative Authority) P.5.C Range of Potential Threats P.5.D Vulnerabilities of Threatened National Resource Systems P.5.E Responsibilities Hierarchy/Network (Roles and Missions) 4-10 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 P.5.F Existing Plans, Memoranda of Understanding, Established Precedents P.5.G Capabilities and Limitations of Agency(ies) Involved P.S.1 Resources Required, including Assets Available from Private Sector 4.2.6 Plans Review and Evaluation (P.6) The Civil Security Division takes an active role in the review and evaluation of the civil security plans of other agencies and organizations. Among the information needs in satisfying this role are: a point of contact roster of those personnel in the responsible agencies who developed the plans, an identifier to locate the plan's custodian or repository, and an internal record of policy and guidance issued by FEMA regarding the respective plans. The information needs involved in this process are noted below: P.6.A Master Inventory of Civil Security Plans/Annexes (Identity and Responsible Agency) P.6.B POC Roster of Agency Planners P.6.C Repository of Plan (Custodian) P.6.D Orientation of Plan (Mitigation, Preparedness, Response, Recovery) P.6.E Scope and Content (Summary of Provisions) P.6.F Status (Completeness, Currency, Tested/Untested) P.6.G Subordinate Related Plans (Regional/State/Local/ Private Sector) P.6.fl Interrelationships Among Plans (Convergence and Dependencies) 4-11 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 P.6.I Internal Record of Policy/Guidance Issued by FEMA P.6.J Test/Exercise/Real-life Data on Plan Application 4.2.7 Program Coordination (P.7) In addition to reviewing and evaluating plans, the Civil Security Division coordinates Federal, State, local, and private sector programs relevant to its mission. As noted in the following list, this involves the collection of information on relevant statutes, executive orders, and memoranda of under- standing, the repertoire of mitigation, preparedness, response, and recovery techniques and technology in use, and program implementation, strategy, and schedules: P.7.A Master List of Civil Security Programs (Identity, Purpose, Scope, Participating Agencies) P.7.B Interrelationships/Dependencies Among Programs P.7.C Relevant Statutes, Executive Orders, Memoranda of Understanding P.7.D Formal Steering Committees, Working Groups, Panels Involved (Standing and Ad Hoc) P.7.E Catalog of Major Program Components (Objectives,. Priorities, Milestones) P.7.F Responsibility Network for Each Program/Program Element (Federal, State, Local, Private Sector) P.7.G Roster of Program Managers, Action Officers, Cognizant Staff (POCs) P.7.R Repertoire of Mitigation, Preparedness, Response, and Recovery Techniques and Technology P.7.1 Program Implementation Strategy and Schedules P.7.J Resource Requirements (Manpower, Special Skills, Equipment and Supplies, Funding Assistance) Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 P.7.K Status of Programs (Progress, Delays, Changes, Problems) 4.2.8 Initiate Proposed NSC/Legislative Action, as Warranted (P.8) In conducting its mission, the Civil Security Division may encounter problems, conflicts, and the need for additional executive or legislative authority. Based on the information requirements stated below, FEMA may find it necessary to pro- pose and initiate National Security Council or legislative action to resolve these problems: P.8.A Nature and Background of Problem Needing such Remedy P.8.B Pertinent Existing Directives/Legislation P.B.C Internal Staff Views of Interested FEMA Elements P.8.D Opinions and Views from Other Affected Agencies P.8.E Legal and Political Considerations 4.2.9 Advisory Assistance (P.9) A vital function to be performed by FEMA's Civil Security Divi- sion is to serve as a clearinghouse for information on threat technologies and vulnerabilities and the corresponding security technologies needed for dealing with them. The following information needs have been identified with this function: P.9.A New Developments in Threat Technology (Instruments/Methods) P.9.B New Technological Vulnerabilities in National Resource Systems P.9.C State-of-the-Art Security Technology for Dealing with Threats/Vulnerabilities/Consequences 4-13 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 FEMA must keep abreast of new trends and developments that are likely to'change the vulnerabilities of the various national resource systems. For example, as transportation systems become more dependent on electronic data processing for such functions as scheduling, routing, maintenance, and coordina- tion, their computers become increasingly vulnerable targets. 4.2.10 Liaison with Civil Security Community (P.10) The Civil Security Division is primarily a recipient and end-user of information supplied by other agencies and organi- zations in the civil security community. Its success is there- fore largely dependent on developing and maintaining good relationships and effective liaison with other elements of this community. The following information needs serve this purpose: P.lO.A POC Lists of Reciprocal Liaison Counterparts, by Agency and Subject Area P.10.B Updated Reference Material on Organizational Structure and Roles of Other Civil Security Elements P.10.C Checklists/Briefs of Current Topics, Problems, Concerns of Mutual Interests 4.2.11 Represent FEMA on Interagency Civil Security Committees/Groups/Task Forces (P.11) To enable the various agencies with civil security interests to discuss issues and problems and share viewpoints, many inter- agency committees, groups, and task forces have been or will be established. The FEMA Civil Security Division has a vital interest in being represented in these organizations, or at least being aware of their activities. As the following information requirements indicate, this representation requires knowledge of the agenda of each group, of FEMA's own position on various issues, and of the positions and viewpoints of other agencies: 4-14 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 P.11.A Master List of Interagency Groups concerned with Civil Security matters P.11.B Agenda of Key Issues/Problems to be Addressed P.11.C Participating Agencies, Structure of Committee, Members of Delegations P.11.D Terms of Reference on FEMA Position to be Advocated, and Strategy P.11.E Other Agencies' Positions and Views P.11.F Cumulative Record of Proceedings (Proposals, Agreements, Impasses, etc.) P.11.G Formal Products/Outcomes Resulting from Committee Action (Final or.Incremental Findings/ Reports) 4.2.12 Training/Test/Exercise/Gaming Support (P.12) For the FEMA Civil Security Division to support training,. tests, exercises, and games related to civil security, it must have information on the following five subjects: P.12.A Sponsor and Participants P.12.B Planned Goals and Objectives P.12.C Schedules/Time Frames P.12.D Postulated Scenario/Syllabus to be Followed P.12.E Control Mechanism Employed The control mechanism refers to the management of exercises, for example, the operational constraints and degrees of freedom in running them, and the method of determining success or failure. 4-15 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 4.2.13 Periodic Strategic Net Appraisals of Civil Security (P.13) A vital function and output product of the Civil Security Division is the appraisal of the Nation's civil security posture. -This entails keeping abreast of the current threat climate, recent civil security incidents and their conse- quences, major shortcomings in civil security, and remedies underway to redress those shortcomings. The current civil security capabilities of Federal, State, and local governments, and the private sector must also be evaluated frequently, not only to ensure an adequate defensive posture and response mechanism but also to ensure that appropriate steps are being taken to mitigate and ameliorate adverse consequences. The list below reflects the information needed to satisfy this function: P.13.A Historical/Statistical Data on Changing- Character, Patterns, Trends in Threat Climate (Domestic and Foreign) P.13.B Historical/Statistical Data on Nature, Frequency, Distribution, Consequences of Recent Civil Security Incidents Against National Resource Systems P.13.C Major Civil Security Problem Areas/Shortcomings Experienced (Mitigation, Preparedness, Response, Recovery) P.13.D Status of Remedial Measures Underway P.13.E Federal, State, Local and Private Sector Civil Security Capabilities and Readiness to Mitigate and Ameliorate Adverse Consequences Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 4.3 Trans-event Information Needs Identified in this section are the information categories required to fulfill the essential civil security functions during the trans-event response period. 4.3.1 Verification of Occurrence (T.1) When the Civil Security Division receives notification of a civil security event, activities are immediately initiated to provide verification of occurrence. The following three items of information are essential to this function: T.I.A. Report(s) of event (What, Where, When, How Serious) T.l.B POC Roster for Verification/Corroboration/ Amplification T.1.C News Media Bulletins/Accounts The point-of-contact roster contains names of Federal, State, local, or private sector response-reaction principals whose timely input can provide an accurate assessment of the unfolding events. 4.3.2 Warning and Alerting Notification (T.2) Once a civil security event has occurred and been verified, the Civil Security Division must ensure that priority need-to-know agencies, direction and control centers, and key personnel are notified-in an orderly manner with minimal delay. This noti- fication might actually be performed by the OEO/EICC. The following three information items ale needed to fulfill this function: T.2.A Priority Need-to-Know Agencies/Centers/Key Personnel 4-17 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 -  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 T.2.C Checklist Notification Procedures 4.3.3 Decision Support (T.3) During a civil security event, FEMA must provide timely esti- mates and assessments of the unfolding events to permit the key decision makers to make wise and effective decisions aimed at minimizing potential damage or ameliorating negative conse- quences. The civil security staff, depending on its degree of involvement, must therefore be-prepared to acquire -- or assist the OEO/EICC in acquiring -- the following types of needed decision-support information: T.3.A Direct Impact Damage/Disruption Incurred (Locus, Type, Systems Affected, Scale) T.3.B Pertinent Pre-calculated Implications/Potential Consequences Extrapolation Data T.3.C Status Updates on Situation/Changes T.3.D Status Updates on Operational Response-Reaction Measures T.3.E Relevant Policies, Doctrine, and Strategy Alternatives T.3.F Matrix of Responsibility/Jurisdiction (Federal, State, Local, Private Sector) T.3.G Readiness Posture/Capabilities of Response Elements Apt to be Involved T.3.E Cumulative Requests for Assistance (Source, Status, Disposition) T.3.I Agency Estimates of Likely Additional Requirements .T.3.J Resource Availability Data Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 T.3.K Views, Needs, Problems of Affected Agencies/Interested Parties T.3.L Emergency Operations Procedures of Emergency Information and Coordination Center/Office of Emergency Operations 4.3.4 Decision Implementation Action (T.4) The information required for implementing the decisions dictates that the FEMA Civil Security Division have at its disposal a master list of agencies having primary, coordinate, and support responsibilities and of the procedures for issuing requests and instructions for each agency. The Division will also need periodic updates of each agency's responsibilities and points-of-contact. Thus the following types of information are required: T.4.A Master List of Agencies Having Primary/ Coordinate/Support Responsibilities T.4.B Procedures for Issuing FEMA Tasking/Requests T.4.C POCs in Affected Agencies 4.3.5 Interim Coordination of Immediate Emergency Actions (T.5) As noted in Chapter 3, the civil security staff may temporarily have to coordinate, or assist OEO/EICC in coordinating, the Federal response at the outset of a major civil security event. The Division staff therefore has to be familiar with the primary points-of-contact in each agency and know the agency-specific procedures for orchestrating coordination. The conduct of this interim coordination function will require the following information: T.5.A Emergency Action POC Roster and Procedure Checklist T.5.B Existing Applicable Plans 4-19 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 T.5.C Operative Direction and Control Infrastructure T.5.D Available Rescue/Evacuation Lift Assets T.5.E Candidate Host Area/Safe Haven Relocation Sites (Shelter and Logistic Support Capacity) T.5.F Available Damage Control/Containment Resources T.5.G Available Protective Equipment, Supplies, Personnel T.5.H Status of Priority Actions in Outside Agencies (Unilateral and Collaborative) The status of priority actions by outside agencies is monitored to ensure prompt attention to activities deemed most critical. 4.3.6 Initiate Execution Planning/Asset Mobilization/ Readiness for Recovery (T.6) During the trans-event response period, it may be necessary to initiate steps as early as possible for handling the needed recovery and stabilization measures. In preparing for this transition to the post-event recovery period, the Civil Security Division will require information on the following topics: T.6.A Master List of Agencies Having Recovery Responsibilities T.6.B Existing Recovery Agencies T.6.C POCs within Recovery Agencies T.6.D Readiness and Execution Procedures (Federal, State, Local, Private Sector) T.6.E Recovery Resource Requirements Estimates T.6.F Resource Location/Availability Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 4.3.7 Congressional and Public Affairs Update (T.7) The Civil Security Division must be in a position to provide accurate, timely, and appropriate civil security-related infor- mation for dissemination through the public affairs and Con- gressional relations' staff of FEMA. This requires access to up-to-date information on the civil security activities of all agencies involved in the event. The internal FEMA procedures for preparing and briefing these staffs must be well understood by civil security program personnel. T.7.A Accurate, Current Data on Event and Response T.7.B Procedures/Criteria for Briefing/Updating FEMA Congressional Relations/Public Affairs Staffs 4.3.8 Hand-off and Transition to FEMA Response Management Principals (T.8) As the trans-event response phase comes to an end, the Civil Security Division personnel need to prepare for the transfer of responsibilities to the FEMA response management principals. As noted before, such a transfer may occur earlier in the trans-event phase. Two information needs must be satisfied to achieve this transition: T.S.A Matrix of Responsibilities within FEMA T.B.B Record of FEMA Actions Completed, in Process, and Pending Accurate records of the FEMA actions completed, in process, or pending are required to avoid duplication of effort and to expedite recovery measures. 4.4 Post-event Information Needs This section identifies the information categories required to fulfill the essential civil security functions during the post-event recovery period. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 4.4.1 Assist FEMA Emergency Information and Coordination Center/Office of Emergency Operations and Staff E ements R.1 During the post-event recovery period, Civil Security Division staff elements and resources must remain available to assist the Office of Emergency Operations, the Emergency Information and Coordination Center, and other FEMA staff members in addressing residual civil security concerns, recognizing poten- tial civil security contingencies, and maintaining contacts within the civil security community involved or interested in the recovery phase. The list below covers the information required to perform this function: R.l.A Checklist of Potential Civil Security Contingencies During Recovery R.1.B Residual Civil Security Concerns of Agencies Involved in Aftermath of Event R.1.C POC Roster of Civil Security Community Involved/ Interested in Recovery Phase 4.4.2 Assess Continuing/Follow-on Civil Security Threat (R.2) During the post-event recovery period, the Civil Security Division must recognize that additional targets and national resource systems might be threatened. Forecasts and risk analyses, combined with updated threat information, may be needed to cover these possibilities. This threat assessment activity requires the following information: R.2.A Updated Threat Information R.2.B Additional Possible Targets and Other National Resource Systems that Might be Affected R.2.C Projected Risk Analysis Estimates Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 R.2.D POC Roster for Threat/Risk Forecasts R.2.E POC Roster of Parties to be Advised 4.4.3 Monitor Recovery Phase Activities/Progress (R.3) Civil security personnel should monitor recovery phase activi- ties and develop an overview of recovery operations to ensure that civil security concerns are being fully addressed. They should review and, when necessary, change FEMA's criteria and procedures for reporting to interested agencies. And they should update their point-of-contact rosters to reflect neces- sary changes in the communication network. This will require information on the following four topics: R.3.A Summary Overview of Recovery Operations R.3.B Status of Current and Planned Civil Security Related Actions R.3.C Criteria/Procedures for Reporting to Interested Agencies R.3.D POC Roster of Agencies Needing Civil Security Update 4.4.4 Develop After-Action Lessons Learned (R.4) To assess the effectiveness of plans and programs, as well as overall national policy on civil security issues, it will be necessary for all agencies involved in the event to provide after-action reports to the FEMA Civil Security Division. These reports. should include an assessment of successes, failures, and problems, accompanied by a critique of agency actions and suggested future improvements. FEMA civil security personnel will analyze these and their own after-action reports and prepare a summary document outlining the lessons learned and the needed remedial actions. The information requirements noted below are aimed at the fulfillment of this function: ? 4-23 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 R.4.A Reconstruction of Pre-Event Civil Security Posture R.4.B Cumulative Archival Journal/Chronology of-Event, Response, Recovery Experience R.4.C Detailed Documentation of Salient Problems Encountered R.4.D Logs, Records, and Observations on System Performance (Achievements and Deficiencies) R.4.E Critique Reviews/Suggestions by Participants 4.4.5 Reappraise/Adjust Policy, Plans, Programs (R.5) Section 4.4.4 mentioned the Civil Security Division's need to develop after-action lessons learned from a civil security event to adjust future policy, plans, and programs. This activity provides a feedback mechanism for improving mitigation and preparedness plans and programs, as well as future trans-event response and post-event recovery operations. Based on careful evaluation of the effectiveness and appropriateness of the policy, plans, and programs, as revealed by the after action reports on the recently managed emergency event, the Civil Security Division will initiate, coordinate, and ensure that important remedial adjustments are made internally within FEMA and by the other appropriate Federal agencies. The imple- mentation of such adjustments requires the following information: R.S.A Policy Issues Bearing on Civil Security Revealed by Emergency R.S.B Appropriateness and Adequacy of Civil Security Plans to Cope with Event Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 R.5.C Civil Security Program Shortfalls Demonstrated R.5.D Indicated Areas of Civil Security Information System Support Needing Improvement Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 5. INFORMATION PARAMETERS AND CONSTRAINTS In the previous chapter, the types of information required to support the respective civil security functions were identified and discussed. The next step is the development of a more detailed characterization of the operational parameters and constraints associated with the types of information identified. 5.1 Attributes of Civil Security Information Requirements The following attributes establish the framework for refining the character of the civil security information requirements: source of information, security classification, frequency, accessibility, and application. 5.1.1 Source FEMA will have to task many different sources to ensure that the information needed to meet civil security functions is both available and complete. Other agencies have statutory respon- sibility for developing and implementing civil security plans and programs, for managing the response during an actual event, and for ensuring that appropriate security steps are taken. However, in its oversight and focal point roles, FEMA must recognize that the primary action agency may not be the singular supplier of civil security information. Additionally, Civil Security Division personnel must be able to synthesize the information from all sources to provide the most useful product for internal and external consumers. It should be noted that some sources will provide information only in support of pre-event preparedness activities. Other sources will be brought into play only during trans-event response or post-event recovery periods, depending on the nature of the event as it unfolds. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 5.1.2 Security Classification The security classification of civil security information can be expected to run the gamut from unclassified to top secret and, at times, will require various compartmentalized or code word intelligence clearances. The level of security classifi- cation will depend on the source, the specific content of the data, the sensitivity attached to it, and individual scena- rios. Civil security and other FEMA personnel must constantly be aware of the potential need to reclassify the information that they produce as a result of data aggregation. 5.1.3 Frequency The frequency with which civil security information is needed and the frequency with which this information requires updating will obviously vary in terms of the functions to be performed, the time being considered, and the urgency of operational requirements. In general, those functions that pertain to pre-event mitigation and preparedness measures will permit a more routinized flow of information, longer intervals between updates, and less urgency in securing new or updated data. In such cases, the entire process is likely to be fairly predict- able, regularized, and controllable. During the occurrence of actual terrorist, civil disorder, sabotage, or subversion inci- dents, however, the information collection, interpretation, and dissemination processes are likely to change dramatically. In such trans-event periods, the frequency of need and frequency of update become dependent on situational imperatives that are inherently unpredictable. Thus the need for information and the update frequency are likely to be more dynamic--varying with the nature, scope, and pace of the individual event as it unfolds. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 5.1.4 Accessibility FEMA's access to civil security information may take three dif- ferent forms: (1) routine; (2) limited; and (3) ad hoc requests. Routine information is received on a repetitive, regular, or periodic schedule from numerous governmental and private sector sources, and it is based on pre-established mutual understandings and procedures. Limited access refers to information that may be similarly programmed in advance, but which can only be obtained or received under stipulated condi- tions, depending on the nature of the particular event and the security classification of the information. Ad hoc requests refer to information that is obtained by FEMA on a case-by-case basis, that is, only when such information is expressly requested and the supplier agency agrees to respond. 5.1.5 Application In a general sense, civil security information is utilized in two ways. First, some types of information are necessary to support internal civil security functions. Second, Civil Security Division personnel, after the receipt of information, will analyze, synthesize, and condense it. Output products may then be generated and sent to other FEMA elements or to agencies and organizations external to FEMA. In the following sections of this chapter, each category of information required for a particular function is discussed within the context of these information attributes. Section 5.2 presents the parameters and constraints of information requirements to support pre-event preparedness functions. Section 5.3 presents a discussion of the parameters and con- straints relating to information on trans-event response func- tions; and Section 5.4 deals with post-event recovery functions. 5-3 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 5.2 Pre-Event Phase - Information to Sustain Preparedness Activities Section 2.3 notes that the audiences with whom FEMA must com- municate in carrying out its mission are numerous and diverse. This 'statement is particularly true regarding civil security functional information requirements. The information to support preparedness functions forms the baseline for the communication process which is essential in carrying out civil security planning, oversight, liaison, and training activi- ties. The following sub-sections present a discussion of the parameters and constraints relating to pre-event information needs. Further details on these parameters and constraints are presented in tables at the end of each subsection. 5.2.1 Tasking the Providers of Threat Assessments (P.1) FEMA will have to look to the intelligence and law enforcement agencies as points-ot-contact as well as to private security organizations. The FEMA Civil Security Division requires standard procedures for gaining access to the various data bases on a daily basis. FEZ4A.'s authority to task other agencies for this purpose will necessarily also provide for access to the various bodies of classified data. POC rosters will probably be used on a daily basis to maintain contact with agencies. Any changes in POCs should be transmitted to FEMA on a weekly basis. 5.2.2 Synthesis of Available Threat Assessment Products (P.2) As can be seen in Table P.2, the primary sources of threat assessment products will be the agencies with intelligence and security missions as well as those with responsibilities for emergency management of the national resource systems. Supple- mental data can also be provided by the private sector through 5-4 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Functional kdormabon RequiremerN cods D.suipwon 41) Source PInwey securwr.wy Se'( ) Class'n (3) Frequency Nwd uprab (4) Accessibility Ad. ie.rr Hawes t.Mled ns ~~s ~ (5) Application Mse Use PIOu"il CK W P.1.A Authority to levy three Legislation, U-S N/A N/A X X BBl tasking 6.0.. HOU. (NSC)PD P.1.1 POC roster FBI, State, Pvt. Sector, U-S Daily Weekly x X CIA. DIA, S Media, State i Local Govt. P.I.C Query-Response SOP's du* do U Daily Qrtly. I X *do - ditto Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Fww AKp i MNorrt~alion PagtrremarM code Duo"" Since POMWI Secw t Seix rY Y Ciass'n Fr pi ency Nw lydme c ROOM /Mwd Ad Ow Raw" 151 Appkmm wwtaai Ouyw Lks am1a P.2.A Source of threat FBI, State, Pvt. Sector, C- Monthly Weekly I I I CIA, DIA, Media, State T8+ INS, 08A, and Local DOT, DOE. Govt. Nub, NBC, DOC P.2.1 Historical profile do do U-TS Monthly Monthly I I I P.2.C M.O./tactics do do C-TS Monthly Monthly I I I P.2.0 Capabilities do do TS- Monthly Monthly I I I TB. P.2.9 Geographic data do do T8- Monthly Weekly I I T8t P.2.P Recent activities do do C-TS Weekly Daily I I P.2.0 forecasts of possible do do T8- Weekly Daily I I I threat action TS+ Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 corporation security offices, the media, and the law enforce- ment arms of the State and local governments. In those instances where the security classification includes compart- mentalized or code word intelligence, special arrangements will have to be made to ensure that FEMA civil security personnel have access to the essential threat assessment data. The Civil Security Division will synthesize these data and disseminate the information to the necessary recipients. Strategic-type studies should be reviewed by FEMA on a monthly basis. Weekly updates of recent activities and changes in forecasts will ensure currency of strategic threat information. 5.2.3 Risk Analysis (P.3) The intelligence and law enforcement community will be the providers of information needed for civil security risk analysis activities. The nature of the data, the sensitivity associated with collection processes, and the potential value to hostile interests will place most information at the upper levels of security classification. The civil security staff should review risk analysis data on a regular basis. Monthly updates should ensure adequate currency. The classification level will necessitate restrictions or limitations on FEMA's access to risk assessment data maintained by other agencies. The finished products of risk analysis obviously have both internal and external application. 5.2.4 Policy Development (P.4) Information will be provided by the various agencies and organizations involved in responding to policy and other regu- latory issuances. Most information will be unclassified, but MOO's and some of the views of cognizant or affected agencies may fall into the classified arenas. Frequency of use and Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 '7 &.S 17 Functional kNornulan Hegrrremenl cod. Oozuwron 11) Source s.roiaary 12) Swwky G ass'n 131 Frequency rJaed updaN N) Accessibility Rwsw lwwud Ad-ac n.quea 11s) Apps. how" owwu Use PNwMid P.3.A Current threat assess. UI, State. Pvt. Sector, C- Monthly Weekly X X data CIA, DIA, state 4 Local T4+ INS, DEA, Govt., public DOT, DOE, information NQC, DOC, NUB P.3.5 National resource cognizant Affected U-S monthly monthly I X system description Agency(iss) Agency(ies) P.3.C Inderdependoncies Legislative Atty General, U-S Monthly monthly I I ii Executive General authorities, Counsel OHS, cognizant interagency committees P.3.D Target types, critical Cognizant Affected C-TS Monthly Monthly I X Dodse, etc. Ageacy(ies) Agency(ies) P.3.E Attack lodes do do C-TB Monthly monthly I X P.3.1 Vulnerability appraisals do do C-TS Monthly Monthly I X X P.3.G Consequence estimates do do C-TS Monthly monthly I I X Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLR P.4 - POLICY DEVRLOPNENT Functional Mrlormalion Req wrement Cods OsWpk" (1) Source P.eawy Secenday Security class's (3) Frequency Need Updals (4) Accessib I4y Adfla: Rouwr Lolled (5) Applecalwn MMemal OuNrr Use NoWd P.4.A Admin. statements/ NBC, BOP Affected U ? N/A N/A X I docisioa?/directives agencies P.4.B Nature i background of Internal General U N/A N/A X I issues needing PENA, counsel(s), resolution affected/ Atty General cognizant agencies. interagency cos ittees P.4.C Affected national Legislation, affected U N/A N/A X X resource systems cognizant agency(Les) agency(ies) P.4.D Agencies involved Legislative Admin., BOP, U N/A N/A I X mandates/ NSC authority directives P.4.1 Statutory imperatives do do U N/A M/A X I i constraints P.4.P Relevant exist. policy Cognizant do U-8 N/A N/A I I i N.o.Urs agency(ies), Legislative mandates P.4.0 Views of major parties cognizant Affected U-S N/A N/A I I I concerned ageacy(ies) agency(iee) P.4.N Policy implemeatatioa do do U-S N/A N/A I I X requirements Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 update requirements are not predictable and will depend upon the priorities of each administration. FEMA should have no restrictions or limitations on access to required informa- tion. FEMA will produce a consolidation of the views of the major parties concerned and offer a summation of the policy implementation requirements for external use. 5.2.5 Planning Guidance (P.5) FEMA will look to a variety of sources in providing civil security planning guidance to the executive agencies. The sources can be expected to range from Federal, State, and local governments to various public interest groups (National Gover- nor's Association, Council of State Governments, National Asso- ciation of Counties, National League of Cities, U.S. Conference of Mayors, etc.), and other private sector organizations. In' most cases policy information will be unclassified. But infor- mation on threats and documents outlining detailed plans and giving the capabilities, limitations, and needed resources of agencies are likely to carry various levels of security classi- fication. Since the Civil Security Division must be contiw- ually aware of national policy posture in all its activities, frequency of need and update is on-going rather than periodic. Some data, e.g., those on threat and vulnerability, are suffi- ciently dynamic to require review and updating at least monthly. The information required for planning guidance should be routinely accessible to authorized FEMA civil security personnel. 5.2.6 Plans Review and Evaluation (P.6) As reviewers and evaluators of plans, civil security program personnel must have access to the civil security plans of 5-10 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLE F.5 - PLANNING GUIDANCE Functional kdormation Requirement Code Dssa *on (1) Source penny Secondary (2) Security Class'n (3) Frequency Ness U14aw N) Accessibility HouM? tended riequw Noc esl (5) Appiscalon real ".d Me WaYN:I P.54 National policy posture SOp,NSC Cognizant U M/A MIA X X ageocy(ies) P.5.3 Statutory mandates Existing Atty General U N/A M/A X X Legislation. Houle, SOP P.S.C Range of potential cognizant Affected U-S Monthly monthly X I X threats agency(ies) agency(Les) P.5.1 Vulnerabilities of do do U-S Monthly Monthly X X X national resource systems P.5.E Responsibility Existing Att. General U N/A N/A X X hierarchy/network Legislation. MOU's P.5.P Exist. plans. MOU's, do do U-S Monthly Monthly X X I precedents P.5.0 Capabilities '& do do U-S N/A N/A X I I limitations of involved ageacy(ies) P.5.11 Resources required Cognizant Affected u Monthly Monthly I X I agency(ies) agency(iea). private Ind. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Functional k otmalon Requiremed code a.scs ion (1) Source Pnhiary S.candoq Set ily Class n (3) Frequency Und tV W. 44) Accessibrily . Roane Hewed M "DC PA*" (5) /lpplicabon YYanal ouywl use Padua P.6.A Inventory of C8 plans/ Cognizant Affected U S/D Monthly x I neexes agency(ies) agency(ies) (State, (State, local, federal. Federal) local) P.6.1 O.C. roster of agency do do U 8/D Nontbly I I lannsrs P.6.C epository of plan do do U 3/0 monthly I P.6.D rientation of plan do do U monthly Monthly I I P.6.1 cops 6 content do do U-T8+ Qrtly Qrtly I I P.6.F status do do U Monthly Monthly I I I I P.6.C Subordinate related plans do do U-TS* 8/D Qrtly I I P.6.N lane interrelationships do do U-TS* Qrtly Qrtly I I P.6.1 Internal record of - Internal FENA Affected U Qrtly Monthly I I olicy/guidance issued Agency(ies) by FINA P.6.J eat/exercise/rsal-life Participating/ Cognizant U-TS* N/A 8/D I I I data on plan application Affected agency(ies) agency(iss) Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Federal, State, and local agencies. The security classifica- tion of information on plans will depend on the agency, its responsibilities, and the nature of postulated scenarios. Updating of points-of-contact should occur at least monthly, and updating of plans as required. FEMA personnel should have routine access to most civil security plans. It may be neces- sary to make ad hoc requests for certain sensitive plans, as well as for status reports when new plans or significant modi- fications are mandated, e.g., when there are changes in the regulatory base or changes in threat assessments. 5.2.7 Program Coordination (P.7) As in the case of program guidance and plan review and evalua- tion, information will be needed from all the Federal, State, and local agencies that have responsibility for, cognizance of, or are affected by civil security actions. This information will generally fall in the unclassified to secret range, with some in compartmented levels. Access to information on program coordination should generally be routine. Some limitations or restrictions. may be imposed when compartmented information is required. Most of the information will be used by FEMA person- nel on an internal basis. Such items as the comprehensive catalog of programs and a master roster of program managers should be made available to the various agency program man- agers. A basic catalog of mitigation and preparedness techni- ques and technology should'be produced and distributed, as required. Finally, status reports will be provided to FEMA senior management. and be used for the formulation of the periodic Director's report to the President. 5.2.8 Initiate Proposed NSC/Legislative Action (P.8) The need to seek National Security Council (NSC) or legislative assistance in resolving problems will require information on 5-13 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLE p.7 - PROGRAM COORDINATION Functional k Iormalion Nequwremenl code Damywm (1) Source POMMY Seoondwy SB`a'rily CAM*" (3) Frequency Nnd UpdAM (4) AccessibiNly b I lam Perm LOd" PA*" (51 Appfalion bownW Ou%Md Uu Pia-id P.7.A Koster list of CS Cognizant Public C-S Monthly Monthly I X X program$ agency(Les) information (State/local/ sources private agencies), MSC P.7.5 Interrelationships/ do do U-8 Monthly Monthly I X dependencies along program. P.7.C Relevant statutes, Existing Affected U-S Monthly Monthly I X RO's, MOU'e legislation, agency(Les) Cognizant agency(iss), NBC, sop P.7.D pormal steering Cognizant Affected U Monthly Monthly X X cotmittses, working Agency(iss). Agency(i82) groups, panels state/local/ private agency's p.7.5 Catalog of major do do C-8 Monthly Monthly I X X program components P.7.V Responsibility network do do U-C Weekly Monthly I X P.7.G Boater of program do do u Weekly Daily I X X managers etc. P.7.N Repertoire of mitigation do do C-TS+ Monthly Monthly I I X X preparedness techniques & technology Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TAILR P.7 - PROGRAM COORDINATION (Concluded) Func*onal n4ounaUon flequMemer cad. o.sapw.n (1) Source Piw wy S.cww:rY Securely (2) Class'n (3) Frequency r"d Up wo 14) Accessd 4 ily Adibu; nm.rr Lwww Re%WS1 (5) Applicakon wUse Pik l P.7.I Program implementation cognizant Affected C-S Monthly monthly I I strategy & schedules agency(ies). agency(ies) cognizant state/local/ private elongate F.7.J Resource requirements do do C-S Monthly monthly I I P.7.9 Status of programs do do C-S Monthly Monthly x I I Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TAMLI P,.8 - INITIATI PROPOSID NSC/LIOIBLATIVI ACTION. AS W1RMANTID Functional Wormahon Hequiremer- Nature i background of problem I:isting directives/ legislation PIM internal staff views Opinions, views from other affected agency(ies) Legal i political considerations 11) Source Affected agency(ies). NBC Affected agency(iss), NBC, NOU's, IOP Internal PINA Affected agency(ies) Nor, use, DOJ. Congressional liaison Cognizant agency(ies) Cognizant agency(ies). Agency counsels Cognizant agency(Les) (21 secwily Class'n (3) Frequency Acre +966ft Apphcatinn Roulrw &W4" Adltr: k u.n;Y Ouy.M ? PMP" Uia Pro*r.Y I I I I I I I I X I x I I I I Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 the opinions and views of the affected agencies, as well as internal staff views of interested FEMA elements. Depending on the nature of the problem and the agencies involved, the infor- mation may require security classification. The priorities of the administration will determine the frequency with which FEMA requires the information to support this functional area. While some of the information may be obtained via other pro- grammatic activities, it is anticipated that much of the infor- mation will be requested by FEMA on an ad hoc basis. FEMA will analyze the available data, summarize the nature of the pro- blem, and recommend a proposed course of action to be submitted to the NSC or appropriate legislative offices. 5.2.9 Advisory Assistance (P.9) The primary sources will be those agencies that furnish intel- ligence and security (e.g. law enforcement) information. Much of this information will be highly classified. Frequency of need will be dependent on the release of new developments in technology, the responsiveness of the security community in developing countermeasures, and the ability of the intelligence community to maintain currency on the activities of adversary groups. The Civil Security Division will provide reports on new threats and security technologies to authorized organizations. 5.2.10 Liaison with Civil Security Community (P.10) The FEMA civil security program will require-that information on points-of-contact, organizational structures, current topics, problems, and issues be furnished by each of the cognizant agencies. Most information will be at the unclassi- fied and confidential levels. Since information will be used frequently, it should be updated often enough to ensure Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TAILS P,9 - ADVISORY ASSISTANCE FunGronal wormalion Re Weamd New developneats in threat technology Now tech. vulnerabilities in national resource systems Security technology for dealing with threats/ vulnerabilities/ consequences FBI, NRC, TVA, SEC, M. FCC, FEDC, DOE, DOT, DOG (2) Seciuily Glass'n (1) Sauce NSA, CIA, public info. sources, Cognizant agency(ies) (3) Frequency (4) AccessihMyt AaIk 45) APP Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLE 1P'-I0 - LIAISON WITH CIVIL SECURITY COMMUNITY (FEDERAL AGENCIES/STATE/PRIVATE SECTOR) Functional brlormalion Requirement P.O.C. lists of liaison counterparts by agency & subject Updated ref. material on org structure i roles of other CS elements Cbeckliste/briefs of current topics, problewss concerns of mutual interest (M) Source Cognizant agency(ice) (states local, Federal). private sector (2) Socially Class'n (3) Frequency Accessibilily Adrwm Requu l Mdwisw use Ou4?d Pitwkri Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 currency, particularly with respect to changes in points-of- contact. FEMA should require and expect fairly routine access, with some limitations imposed in the areas of agency-spgcific or unique civil security concerns. Information utilized by FEMA civil security personnel should generally be made available to other agencies in the civil security community. 5.2.11 Represent FEMA on Interagency Civil Security Committees/Groups/Task Forces (P.11) The Civil Security Division will require input from within FEMA concerning the FEMA position on a variety of topics. Informa- tion from other agencies that participate in interagency meet- ings will be required to ensure that the FEMA position is con- ceptually correct and current. The security classification will generally be at the secret level. Since most groups can be expected to meet on a monthly basis, the Civil Security Division should review and update its data monthly. Any products, i.e., reports, studies, and meeting minutes, may be transmitted to other FEMA staff elements on a selective basis. Accessibility to outside agencies will probably be constrained in such areas as agency internal positions and viewpoints. 5.2.12 Training, Test, Exercise, and Garcia Support (Civil Security-Related Aspects) (P.12) The Civil Security Division will require information from the sponsor of these activities, from participating agencies, and from other involved FEMA elements. These same sources will be tasked to provide the Division with relevant data on test goals, schedules, scenarios, etc. The Division will evaluate the pertinence and applicability of the civil security aspects and provide pre-test feedback to concerned players. Some information, such as goals, objectives, and scenarios, will fall into the confidential and secret classification levels. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLE P,11 - REPRESENT BEM ON INTERAGENCY CS COHHITTEES/GROUPS/TASK FORCES Funchonal Requiremons Iwn Cody DU$U On Source P mwiy Secomrrary (2) Security Classn (3) Frequency lXL" Hssa 141 Accessibility Ad Ha: Hodes LMnAed PAqued 151 /1{m(mlicalioxm MMwoar Ouyws u" Pwdud P.11.A Master list of inter- Cognisant -- U monthly monthly I I agency groups with agency(ies), FRM CS representation OKB, COP, NSC P.11.5 Agenda of key issues/ affected -- U-S B/D Monthly I I problems to be addressed interagency committee/ group/task force P.11.C Participating agencies, do -- U monthly monthly x I structure of committee, members of delegation P.1l.D Terms of reference on Internal -- U-S monthly monthly I I VIM position ? BIM P.11.1 Other agency(ies) Cognizant -- U-S Monthly monthly I I positions 1. views agency(Les) P.ll.* Cumulative record of Affected -- U-S monthly monthly I I procedings interagency committee/ group/task force P.11.G Formal products/outcomes do -- U-S Monthly Monthly I I from committee action Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLE P,12 - TMINING/TEST/EIERCISE/CANING SUPPORT (CS-RELATED ASPECTS) Functional bdornwlion RequiremerM cods S urce w?a.~ s y 121 Sepxily Class n 131 Frequency a Up 14 Acces bft w Lrnr.a Ad lrw 15) App Caton Wong- Oa4md P.12.A Sponsor 1 participants Affected Cognisant U 8/D Daily I I Agency(ies). Agency(ies). Internal Private ram sector P.12.1 Planned goals i do do U-8 8/D Daily I I I objectives P.12.C 8cbedules/tioefcasae do do U-C 8/D Daily I I P.12.D Scenario/syllabus do do U-8 8/D Daily I I I P.12.E Control necbanism do do U 8/D Daily I I Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 The need for information will depend on the timing of planned training. Updates and the civil security aspects of tests will be required daily during the execution of tests. Access will generally be on a routine basis with some limitations imposed on test scenarios because of their security classification. The Civil Security Divison will generate civil security goals and objectives for inclusion in test scenarios. 5.2.13 Periodic Strategic Net Appraisals of Civil 9' (P.13) The sources available to FEMA in developing consolidated net appraisals include internal FM elements, cognizant agencies, the National Security Council, and the relevant intelligence and security communities. A substantial portion of the infor- mation will be dealing with the threat climate, including civil security problem areas and shortcomings. The security classi- fication can therefore be expected to extend into compartmented intelligence levels, with commensurate access restrictions. The Civil Security Divison should review appraisals monthly. Problems and shortcomings should be forwarded from the affected agencies as they are discussed. Remedial measure status reports, prepared on a weekly basis, will ensure that the Division is able to maintain currency. Information concerning civil security problems, remedial measures status, and organi- zational civil security capabilities will be documented and distributed to authorized civil security community personnel. 5.3 Trans-Event Phase - Information for Response Management Depending on the amount of warning received prior to an event and the nature and scope of the event, the Civil Security Divi- sion may either play a significant initial role in event response or merely act as an advisor on the civil security aspects of an event. The information needed during this 5-23 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 TABLE P.13 - PERIODIC STIATSCIC NET APPRAISALS OP CIVIL SECURITY Functional Wwifte f D~capMon Code Ce Seca,W?y P"""'y (2) SecurNy Class'n Fr (3equency H.ra up Is 141 y Howrw tMww an a R (App1cahm U" OWPA Proar1 P.13.A Niatorical/statistical Internal State/local U Monthly Monthly X data on threat climate PEMA, agency(ies), cognisant Private agency(iea). Sector NEC P.13.1 Historical/statistical do do U Nontbly Monthly Y data on national resource systems P.13.C Major CS problem areas/ do do C-TS+ 8/D Daily Y Y X shortcomings P.13.0 Status of remedial do do C-T8+ Weekly Daily Y X Y neasures underway P.13.g Federal, state, local, Cognisant Public U-TS* Monthly Monthly X Y X private sector CS agency(ies), information capabilities NSC. state sources, i local interagency/ SOC's i interdis- agency(iss). cipliaary private committees sector Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 phase-in terms of frequency of use and updating, classifica- tion, and source--will vary dramatically based on the event scenario. As a result, the Civil Security Division must ensure that the information processes are in place to support the easy flow of information under varying conditions. The need for an information system that can accomodate a variety of demands and yet be flexible enough to ensure comprehensive access to a broad spectrum of information is underscored in the following discussion of the detailed parameters and constraints asso- ciated with response management information requirements. 5.3.1 Verification of Occurrence (T.1) The primary sources of information for an impending event or an event-in-progress will usually be the agencies with tactical indications and warning centers. The nature of the event, the target, and the type of perpetrator will determine the security classification. For example, information regarding an impend- ing massive demonstration with a potential for large-scale dis- ruption, will probably be unclassified; but a threat of assas- sination against the President or other elected officials would be handled through classified channels of communication. Regardless of classification, information about impending or actual events that impact the civil security program should be routinely made available to the Civil Security Division. Where the Division is the first activity notified within FEMA, it will transmit the notification to the other relevant FEMA ele- ments. POC rosters will be consulted frequently during the event as it unfolds, so the rosters will be current. They should be updated at least daily, preferably with immediate notification of changes in key personnel. Depending on the nature of the event, the radio, TV, and the wire services may be in the.best position to provide immediate information on the 5-25 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 A T Q Y a x X s 3b . C D O ~ O I Q d w V e~w a Can a w a. Oil M O O m .- Q u t~ Y O O v O d Y i C. r ? . i Oi .M .a oQo.A Y Y Y Q'.. N 9~ pMp ? O SCrauL up,CrCG iC i+ d ? ..~ w o Q Q? ,. C of, Y U Y t M G.t O Y M M 0.go a a 2 Y 3 O .w O = d L O Y p C $a O O Y O $ C .~ G"d M e. i u a 0 w Q i e .. A O w d a v M > z 0 S ? V Fi M M Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 occurrence of an event. A periodic summary of news media information should be sent to FEMA emergency response manage- ment elements by the Civil Security Division. 5.3.2 Warning and Alerting Notification (T.2) Each agency should provide FEMA with information on its key personnel. During an event, the points-of-contact roster should be checked at least daily to ensure currency. To make sure that all affected agencies can be contacted by FEMA per- sonnel, each agency should inform FEMA of any unique notifica- tion procedures. Because of'the classification level of key personnel and POC rosters, procedures within some agencies may be classified. Thus FEMA may have to conform to certain restrictions or limitations on access. The information will be used internally to make certain that the affected agencies can be notified of an event by FEMA on a timely basis. 5.3.3 Decision Support (T.3) Sources with direct and tangential responsibility must be in a position to support FEMA's civil security activities in the response period. For example, there is an obvious interdepen- dence between information concerning the damage and disruption incurred and the potential consequences. Depending on the nature of the event scenario, the information classifications will range from unclassified through at least secret levels. Information required by civil security will be accessed frequently. It should be updated at least hourly in the early stages of the event. The scenario will ultimately determine the need and frequency of update. Current emergency procedures that define the Civil Security Division-Emergency Information and Coordination Center interface should be in place and reviewed at least monthly by the civil security staff. They Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 M N M I Y M Q 3 > Y ? w u a a 00 ? as a ? V > O b ? d u {Qu 7 u O W e W . W ~ W y S r S ? a j g G ? Y W Y Y C . a n _ C u ' . N V ~ a a ly M M Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 .  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 Y N N N N N N N N N N N N N N ~~ N N N N N N N > 0 O 00 O 0 ? IA M \ a C = CA COf ^ Q ^ ~O ? Q? M L tl Y? m ? Y? ? ? M Y Nv ? C? A ?.. ?Q M MO M .... Q .. 1 O. w M ~ M >an V ? .0 0 Q .w O w d V Q Q G C C ? G I -3 0 44 00 41 Q e0 ? SQ V O Q O as C7 ~ V + is o ?. V ? Or ? ? Oft O .r ..r ??d) OM 0.w?1 (.N? ?? M OM M . YY ? d? ? V Q M Id Y ? V Y> M? m- M ? d? V Q M Y ? V ? M S O 0 . V V i Q V V ? .o V 0 0 O V V 4 Q 9 0> .+ 0 ? ? . i vW m Y W tr V i m W " 0 all N . v d w O 4 of : %4 as MwO 0 3 N . ~t 4 ? .i 0 r Y Y .4 ? M 0 0 r O O O Q d ? ? ?Y a Q d 0 ? ? Y .?. ? M ? ? d "?" .48 ~.a gi ow ?? i ? ? i i V i w ` . .~ Q a u ? N ,... ?? 41 9 4 ? ?. i a a ~ ?! a- a? N N 5-29 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 i i i at M at fl W ft M M fit -R 7 7 a a a s a s ~ D C o . .~ - a a a a s C m ae at ". a?: ? i a.. . I ? v ? ? v ? ? v ? ? ? N !~Y Y N 9-Y L a is ! % Y a I M u? o C a> Y M V .l o C C> Y o +? N? O a s> Y O !M a? ? M H 110 a1 M U S a. as ? M V M ? O 0a Y? Y CI O fffaaalll O O C~ M 71 it ? V ? O. ? a ? ? G~ fY Y Cl N 0. ? O~ Y ? O M ?? ..~ .. a~ O 7 +?. O M ?? 4 +?i as 10.4 O ?v s Y ? ~?~ai ? 0%.0 ? O.?~CO ? ?v p a a 21% a M g a-. 41 0% Q w ? ? 6~ 30r ?Mw ? ? YC w ? dCrCrg Mw ? ? OC w ? w r? . fie ? w? Y Of - ? M 0 Orm aLS ? ae s? d a a 46 ? a a i 0 .? ? as 14 w M = 00 10 0 'M V a m: a o C7 : N -, si d 5-30 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 should also be updated monthly. The rapidity with which the event unfolds will probably dictate the need for ad hoc requests in the early stages of the event. Because the infor- mation may be highly classified, some access limitations can be anticipated. The Civil Security Division will also be required to provide decision makers with consolidated information on the civil security resources required during and immediately following the actual event. 5.3.4 Decision Implementation Action (T.4) The Civil Security Division will require information on specific delegations of responsibility within each affected agency. Information on tasking procedures should be provided by other FEMA elements. The event scenario will determine fre- quency of need. The Division will also need periodic updates of each agency's responsibilities and points-of-contact. Most information to support FEi's functions in this area should be available on a routine access basis because it will be unclassified. 5.3.5 Interim Coordination of Immediate Emergency Actions (T.5) During the trans-event phase, the Civil Security Division must have information on the primary civil security points-of- contact from each agency. It will frequently refer to informa- tion on rescue and evacuation assets, resources for damage control and containment, and the status of emergency actions to date. The frequency of updates will be dictated by the nature of the scenario. The Division staff should have ready access, although access to some information will be limited by high- level security classification. The Division, in collaboration with OEO, will prepare up-to-date summaries of information on the civil securityrelated aspects of response operations, such Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 1 11 s a ? O d. M M W C ? N F N Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 V U V V . . ?00 '00 '00 yo I0 Vo V0 y~ ; N N IA v 1A M M K M H E+ 5-33 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  - -- - -------- Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 as relocation sites, special protective equipment, supplies, and skilled personnel, to the affected agencies. 5.3.6 Initiate Execution Planning, Asset Mobilization, and Readiness for Recovery (T.6) Agencies that are responsible for recovery activities should provide the Civil Security Division with relevant information on plans, procedures,. and resources for post-event recovery. While most of the information should have been provided as part of preparedness activities, the nature and scope of the event requires that agencies give the Division necessary updates and changes. Most of the information snould be routinely available to FEA, although the security classification may dictate some restrictions. As information on recovery requirements and resource location is compiled, it should be transmitted to the affected agencies. 5.3.7 Congressional and Public Affairs Updates (T.7) The Civil Security Division must have access to up-to-date information on the civil security activities of all agencies involved in the event. The internal FEMA procedures for preparing and briefing information for the FEMA Congressional relations and public affairs staffs will be used frequently during the event. Classified data on current events may have to be accessed and transmitted to the Congressional. 5.3.8 Hand-off/Transition to FEMA Recovery Management Principals (T.8) The Office of Emergency Operations should inform the Civil Security Division of those FEMA elements that will ultimately assume response management. In turn the Division will provide the EICC/OEO with a record of its actions during its initial Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 3 C~ S ,s b fl ~f >0 >1 >4 >f >4 >4 s >. >t fl >r >t >~ >0 M >0 >0 M ? a a a a a ca cc 0 0 y N M fA 0~ ! - 3 3 M I 0 I I CA ar ? ? ? Ov Cv Y Cv ? ? ? ? ? O O N A Q M 2% Y M 1 M A Y Y Q 7 4 . U O ?.- U ? O ?d U? 0 0 Q Q ?.a C Q > 0 > .1 0 00 ? e0 U 00 ? ??+ U . 00 ?.1 U 00 O 00 hl ? O as m b ? O 106 ? ? ti V 4 OY Y Q? Or 96 ? Q ? a? Y -c Q p ? Y ? m M ..1 ? I ? Y ?. i .r Y Q A ?.r O O O O %d ? 4? Q ? ? e 00 45.41 550 , O J *+ ^ v O I. 0 Y 09 30, "d 0. M Q .~ ? O A J? ? r - M Q O ? 0 M O >+ 0 v M d i M ?i Qr O Oi G. Oi M ? s on ~? '0 '0 '0 ,0 r *4 N r N r+ N 5-35 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 RI ii ? ? Ob a li L w~ a M i- O ? o ?..Q w 0 s 0 +o o M ora~ ~.4 u iO _Q_ g ? w ? eewi w ? M ? 0 ? v M d J Q 'O M O Y O ew.~ Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 period of event management. It will also provide hourly updates of its activities related to event response. Informa- tion on responsibilities will likely be unclassified and rou- tinely available to the Division. Notification of changes should be furnished to the Division as frequently as necessary. 7.4 Post-Event Phase - Information Associated with Recovery In the recovery phase, the Civil Security Division has two generic information tasks: (a) addressing civil security- related issues associated with the event or with the recovery operations, and (b) evaluating the overall effectivenessa of the Federal, State, local and private sector civil security activities during the emergency. As noted in Chapter 4, the information required to support recovery activities involves maintaining communication with all agencies that were partici- pants in the event and documentation of their actions. The specific items and sources of information will vary, depending on the nature of the event. The parameters and.constraints discussed in this section continue to underscore the need for data gathering and information dissemination that is suffi- ciently flexibile to allow for varied sources, classification, and frequency of use. 5.4.1 Assist FEMA Emergency Information and Coordination Center/Office of Emergency operations and Staff Elements R.1 Information on possible civil security problems arising from or impinging upon recovery must be acquired from the agencies affected and conveyed to all interested parties. Most of the information collected and transmitted during this phase will have a maximum security classification of secret and should be accessible on a routine basis. Information on potential new Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 .  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 j ?t it sl *4 I~ a a a a a a > 1 f dY M ? O C C i ~ . . + V i _~ zuoa?Q ~, g Q 0 12 . u ? L..r a Q L ? ? Q ? . + w w 9 O Q v r 10 o 0 O 0 O Q 0 . !- 01 U ? I +1 y it Q? J? i O Q! U 'A 0 G7 Ci M C~ . r V ? A? C .. I S M V Oi et ai Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 contingencies and residual on concerns must be available on at least a daily basis. When there is a significant potential for secondary or tertiary effects (which may alter the scale or character of recovery demands), the Civil Security Divison should receive and disseminate information on civil security concerns to the EICC/OEO elements one daily basis, or more frequently if circumstances warrant. 5.4.2 Assess Continuing/Follow-on Civil Security Threat (R.2) Assessment information on additional targets and resource systems must be furnished by the intelligence and security communities. They should also furnish threat information and estimates updates. To ensure that the Civil Security Division can maintain flexibility and be prepared to modify its civil security operations and network of communication channels, POC rosters must be updated daily. Information for these activi- ties will cover the entire range of security classification.. Reports on civil security threats must be disseminated to affected members of the intelligence and security community. 5.4.3 Monitor Recovery Phase Activities/Progress (R.3) Civil security personnel should monitor recovery phase activi- ties based on information from all agencies involved. FEMA should provide procedures for reporting to interested agen- cies. Agency point-of-contact rosters should be provided to the Civil Security Division, and updates should be forwarded daily. Since most.of the information on this subject will be classified secret or below, access by FEMA should be on a routine basis. 5.4.4 Develop After-Action Lessons Learned (R.4) All agencies involved in the event should prepare after-action reports for the FEMA Civil Security Division. During the 5-40 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 se se ~s $4 !L N YI ~ ~ `~ ?3 a F H F ;7 N N G7 N ? O .4 O Y 'O .?4 0 o sr: 04 ~ 0-r 1 0rV0C~9 Y S & i i o 0 i i ?? A C M Y dOiw ??r w. Os w ? .0 c u w r a w i ? r? w u J 1 M w?. + Y 'C ? ^ .4 O .~ S aA u! . O5. ? 0 Y L ; w w ? O j I a.w + qy 4 ?ai s14'a i 3.i a w S.?. ~ w a I N N 4 N h d ~ Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 a a a a a ..r ..y a - a a a O ? C 0 Q : G 0~ . ? M ppp ppppp Y M a~ y 1 Y? Q Y 4 u am 2.0 on 6' 0 a Y w O ? ? ai rd Y ? 7 ? aj ? U. ? ? /y ? as ? ? C .M.s +?1 a ? ? O 'U M O o ? ? ? ? i ? ??> fu.4 Is 8 ~ a. Y 1 r O 000 OO wv wi iv 06 I o a s ? Y 0 0 w S t I* " . a ? U. w as o. is C M a a s . a a1 ax ai aY 5-42 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 ? N _ i N N N N N a v N N N N N m 3 N N N N N d 4 d Q O w ~ ~ ~ a e C a a a m w , +1 .i M ..1 rM a a a a a > ? ? L O ? L 1 , C l 1. > O O . 0 - a O O M ? O ? Ca ?+1 a ) _ V 4r 06 O O. ? C M d a e ? ? ~ o O O W ? O +~ Y Y r ? L ? ? ? o w at ? iM A QA ? Qdu . . ? 4 u0 Q +O ? O Q Q ? M 000 M ?., ? . O ++ N ? O Au u 0 4. 0 ? ++ ? > ? w U 460 ? ?? 0 O b L? M Q? Q? 0.0 ??^^.+ q ?? M Q Q ? M Q a1 ? .A M A AA.4 M .6 Y ?~. O L ? O M ? S > ? G6 ? 7 L+4 ?? .n- Q > ?M ?? u 0 O 1 M Q O ?? O ? %* 3 "0 +? a .+ pu ? J? u L u ? an ? w u w "0 as w O? .t 0 G..r y w? a e er w o as IN a~ al at 5-43 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 recovery period, the Division will need such historical infor- mation on a daily basis as it consolidates and summarizes the record of what transpired. Agencies should furnished updatqs whenever there are significant ohanges in their activities. Much of this information will be security sensitive and will require appropriate classification and commensurate restric- tions on access. Copies of these summaries, including appro- priate recommendations, should be disseminated to all appro- priate agencies and organizations in the civil security community. 5.4.5 Reappraise/Adjust Policy, Plans, and Programs (R.5) All agencies involved in the event must provide the Civil Security Division with after action reports on the event. As in the case of after-action reports, much of the information on needed adjustments and improvements in civil security policy, plans, and programs will be security sensitive and will there- fore require appropriate classification and restriction on access. Recommendations on improvements needed will be for- warded to affected agencies. Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 3~ > I 4 m m a a z m as H CA 1 0 1 v a . yM u p ? ? 7 Cm :11 = a d 0 > Z ? ?- ? O C L a0? - Q M ? G a ? w? ? S ??w w N 0 Y ? Z~ ? a ? ems s ~? i a u 7~ W O' ? ? 4 Q ? Y 'a Y a y I .. A ~ M M V L ? O Y M: p ~ Y C $ ?'Q bW dd as a 0.10 9 g ~ t ? c~ ..r ? . S ? v O ? ? N N N N Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 Civil Security Central Intelligence Agency Functional/logistic areas of highest vulnerability within a national resource system Mitigation, preparedness, response, and recovery activities to reduce the consequences of terrorism, civil disorder, sabotage, and subversion Civil Security Division Division under the Office of Mobilization Preparedness within the National Preparedness Programs Directorate of FEMA concerned with civil security matters Code Word Compartmented Control Mechanism A specific security classification above Top Secret A specific security classification above Top Secret In an exercise, test, or game, the method by which it is managed, the operational constraints and degrees of freedom, and the method for. determining success or failure Critical Nodes Functional/logistic areas of highest vulnerability within a national resource system ?Civil Security Civil Security Division of FEMA Drug Enforcement Administration Defense Intelligence Agency Department of Commerce Department of Energy Department of Justice Department of Transportation Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 E ICC FLEA Regions FERC FPC GSA . Management Information System Matrix of Responsibiliee National Resource Systems Essential element(s) of information Emergency Information and Coordination Center within FEMA Executive order Executive Office of the President Federal Bureau of Investigation Federal Communications Commission Federal Emergency Management Agency The ten geographic regions of FEMA in the United States, each under a regional office Federal Energy Regulatory Commission Federal Power Commission (now FERC) General Services Administration Department of Health and Human Services Immigration and Naturalization Service A computer-based organizational information system which provides data to support management activities and functions A method of graphically relating agencies to their respective areas of responsibility Memorandum of understanding The thirteen categories, defined in Figure 2.2, potentially vulnerable to disruption by terrorism, civil disorder, sabotage, and subversion National Emergency Management System National Intelligence Estimate A-4 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6 Post-Event Recovery Phase Pre-event Preparedness Phase Readiness Posture Responsibility Network SEC S /D SNIE SS Straw Man National Preparedness Programs Directorate in FEMA Nuclear Regulatory Commission National Security Agency National Security Council Office of Emergency Operations in FEMA Office of Management and Budget Presidential directive Point(s) of contact Petroleum, oil, and lubricants The period of activity, following a civil security event, in which recovery operations occur The period of continuous, on-going activity in preparation for and prior to a civil security event The capabilities for dealing with a contingency The interrelationships and overlap among agencies' responsibilities Securities and Exchange Commission Scenario Dependent State and Local Programs and Support Directorate in FEMA Special National Intelligence Estimate Secret Service A technique used to test the applicability, relevance, and usefulness of a proposed central idea Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89B01330R000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 WHSR White House Situation Room Threat Climate Appraisals of the likelihood, context, and form of terrorism, civil disorder, sabotage, or subversion Trans-event Response the period of activity during and Phase immediately following a civil security event in which immediate reaction-response measures are taken TVA Tennessee Valley Authority- Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6  Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6 Internal External W-20 F. Holland C. Light (20) J. Nuneville D. Ray W-21 C. Fritz T. E. H. Hunzeker Janicik (5) Strong W-21 File (2) W-27 F. Tompkins W-30 W. M. Hall W-50 M. Scholl W-73 S. R. Hirsch W-74 D. R. Friedman Document Control Atre/Metreu Library Records and Resources D-1 Declassified in Part - Sanitized Copy Approved for Release 2011/12/09: CIA-RDP89BO133OR000600870001-6