Request a Demo

Fill in the form below and we will contact you shortly to organised your personalised demonstration of the Noggin platform.
Request a Demo

Meet Noggin

An integrated resilience workspace that seamlessly integrates 10 core solutions into one, easy-to-use software platform.

Business Continuity
Business Continuity
Operational Resilience
Operational Resilience
Crisis Communications
Crisis Communications
operational risk management
Operational Risk Management
Crisis & Incident Management
Crisis & Incident Management
Third-Party Risk Management
Third-Party Risk Management
Emergency Management
Emergency Management
WHS-hard hat
Safety Management
Investigations and Case Management
Investigations & Case Management
Security - padlock
Security Management

The Noggin Platform

The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.

Learn More

Industries

Explore Noggin's integrated resilience software, purpose-built for any industry.

Aviation
Aviation & Airports
Construction
Construction
Counter Terrorism
Counter-Terrorism
Care Services
Care Services
Education
Education
Financial Services
Financial Services
Healthcare
Healthcare & Hospitals
Manufacturing
Manufacturing
Mining Oil & Gas
Mining, Oil & Gas
Government
Public Safety & Government
Retail & Hospitality
Retail & Hospitality
Technology
Technology
Transportation
Transportation
Utilities
Utilities
Venues & Entertainment
Venues & Entertainment
Resilience Management Buyers Guide - Thumbnail
A Resilience Management Software Buyer's Guide
Access the Guide

Who We Are

The world’s leading platform for integrated safety & security management.

Learn More
Whitepaper

Guide to Understanding the ICS(Incident Command System)

Noggin

Emergency Management Software

Published January 25, 2024

Table of Contents
Guide to Understanding the ICS(Incident Command System)

Guide to Understanding the ICS(Incident Command System)

Explaining the Incident Command System

What ICS does: core concepts, principles, and benefits

How ICS can bolster your response efforts

Appendix: ICS functional areas, organizational structure, and incident team

Don’t have time to read it all now?
Download a copy for later

Guide to Understanding the ICS(Incident Command System)

Incident Command System: the essentials

  • Offers a standardized approach to the command, control, and coordination of emergency response, across the U.S.
  • Codifies emergency management best practices for fire and non-fire agencies alike 
  • Can be applied to non-emergency response scenarios (planned events: concerts, festivals, trainings, etc.) as well as business-as-usual operations
  • Key feature of the U.S. National Incident Management System (NIMS)

Explaining the Incident Command System

ICS: the history

Over the last half century, one of the key developments in emergency management has been the creation of the Incident Command System (ICS), an operational incident management structure that provides a standardized approach to the command, control, and coordination of emergency response for organizations across the U.S. 

The system’s longstanding success-it’s been in practice for over 40 years-stems directly from its genesis, created as it was, in the aftermath of a string of catastrophic wildfires that struck California in the 1970s. Eventually, fire suppression agencies were able to tame the fires, but only after the loss of tens of lives, hundreds of homes, and hundreds of thousands of acresi

The response itself was deemed suboptimal. But when researchers and practitioners went back to review the missteps, they discovered something curious. The flaw in the response hadn’t been too few resources, as is often the case, nor had it been poor tactics in the field. In fact, the major shortcoming was poor management and synchronization. Researchers assembled a list of the operation’s primary limitations:

  • Lack of common organization
  • Poor on-scene and inter-agency communications
  • Inadequate joint planning
  • Lack of valid and timely intelligence
  • Inadequate resource management
  • Narrow prediction capabilityii

Going forward, response agencies would have to cooperate, communicate, and coordinate better. But how? There didn’t yet exist a standardized incident management framework-a scalable structure that would help multiple response organizations work together, as the incident dictated.

Enter the Incident Command System, developed shortly thereafter as an inter-operable incident management framework for fire suppression agencies in California. And though ICS first adopters were localized to fire response, it didn’t take too long for non-fire organizations to begin using the system as well. As we’ll see, that adoptability wasn’t sheer happenstance either. Flexibility was a matter of intentional design.

What ICS does: core concepts, principles, and benefits

At its core, ICS is meant to enable the effective and efficient management of incidents, irrespective of jurisdiction, kind, complexity, or size. The system codifies emergency management best practices into a unified approach to incident response, integrating a combination of facilities, equipment, personnel, procedures, and communications, which then all operate under a common organizational structure. 

One of the reasons ICS is so successful is because it offers a common incident management vocabulary for all organizations involved in incident response. As a result, personnel from multiple agencies can communicate using the same language, rather than their own agency-specific terminology. The system thus lets incident managers set up a unified, centrally authorized, emergency command structure quickly, without fear of miscommunication in the field or in the incident command centeriii.

Nor are flexibility and standardization the system’s sole attributes. ICS creators developed the system with 14 core features in mind. Those features fall into the following types: standardization, command, planning structure, facilities and resources, communications and information management, as well as professionalism. The features are described as:

Type Feature Purpose
Standardization Common terminology Helps define organizational functions, incidents facilities, resource descriptions, and position titles. 
  Establishment and Transfer of command Command must be clearly established from the outset of the incident. Command must be transferred only with a briefing that captures all essential information for continuing safe and effective operations.
Command Establishment and Transfer of command Command must be clearly established from the outset of the incident. Command must be transferred only with a briefing that captures all essential information for continuing safe and effective operations.
  Unified command Enables agencies with different legal, geographic, and functional authorities and responsibilities to work together effectively under individual agency authority, responsibility, or accountability.
  Management by objectives Includes establishing overarching objectives; developing strategies based on incident objectives; developing and issuing assignments, plans, procedures, and protocols; establishing specific, measurable objectives for various incident management functional activities and directing efforts to attain them, in support of defined strategies; and documenting results to measure performance and facilitate corrective action.
Planning and organizational structure Modular organization The organizational structure is based on the size and complexity of the incident, as well as the specifics of the hazard environment created by the incident. 
  Incident action planning Offers a coherent means of communicating the overall incident objectives in the context of both operational and support activities. 
  Manageable span of control Span of control of any one individual should range from three to seven subordinates. 
  Incident locations and facilities Operational support facilities will be established in the vicinity of an incident, e.g. incident command posts, bases, camps, staging areas, mass casualty triage areas, etc.
Facilities and resources Comprehensive resource management Stipulates accurate, up-to-date accounting of resource use. 
  Integrated communications Develop and use a common (incident) communications plan and interoperable communications, processes, and structures. 
Communications and Information Management Information and Intelligence management Establish a process for gathering, analyzing, sharing, and managing incident-related information and intelligence.
  Accountability

Effective accountability is considered essential during incident operations. As such, the following principles must be adhered to:

• Check-in, • Incident Action Plan, • Unity of command, • Personal responsibility,
• Span of control, • Real-time resource tracking 
Professionalism Dispatch/deployment Personnel and equipment should only respond when requested or when dispatched by
the appropriate authority

Source: Federal Emergency Management Agency

How ICS can bolster your response efforts

So why exactly should you adopt ICS, especially when many emergency incidents never cross jurisdictional boundaries and don’t necessitate a multi-agency response? The short answer is many others do. What’s more, despite first appearances, small to medium-scale emergencies often are beyond the capacity of one single agency to tackle alone; whereas multiple agencies working efficiently in tandem can handle the situation with relative ease. A FEMA position paper puts this best: “There will be instances in which successful domestic incident management operations depend on the involvement of emergency responders from multiple jurisdictions, as well as personnel and equipment from other states and the federal government. These instances require effective and efficient coordination across a broad spectrum of organizations and activities”iv

And that’s when ICS provides its greatest value. The system facilitates the easy mobilization of outside resources, designed as it is so that everyone knows what’s going on. But the system doesn’t just come in handy during an incident. It also helps organizations unite, plan, and simulate their responses before the incident breaks out in the first place. 

ICS also provides a rich stockpile of best practices. Having experienced some of the ruinous effects of inadequate joint planning up close, ICS creators took the imperatives of coordinated planning very much to heart. And that’s why, ICS, as it stands today, offers a pretty thorough process for incident planning, culminating in the development of the Incident Action Plan (IAP).

The IAP documents incident goals, objectives, and strategies, as well as contains tactics and vital information for managers and responders. Far from a static document, the IAP is meant to evolve as incident parameters change and facts on the ground shift, thereby giving agencies an important means by which to disseminate critical information before, during, and after the incidentv

ICS and the National Incident Management System (NIMS)

Pretty much as soon it was developed, ICS surged in popularity, adopted far beyond the fire suppression context and replicated across the globe (see, for example: the Austral-asian Inter-service Incident Management System --- link to the guide). No doubt, one of the most important milestones in this trajectory was the decision to include ICS as a key feature of the U.S. National Incident Management System (NIMS), when that system was created in the 2000s. In fact, we might say that that single decision helped spur greater (non-fire) adoption of ICS than anything else.

Put out by the U.S. Department of Homeland Security, NIMS lays out a standardized approach for tackling all-hazard situations, offering a consistent nationwide approach for federal, state, tribal, and local governments to use when working together to prepare for, prevent, respond to, and recover from domestic incidents of any cause, size, or complexity.

Like ICS, NIMS incorporates existing best practices after all, it was developed after close collaboration between state and local government officials and representatives from a wide range of public safety organizations-into a comprehensive national approach to incident management. The approach taken by NIMS is based on a few core concepts, not too dissimilar to ICS’: 

  • A consistent method for identifying, acquiring, allocating, and tracking resources
  • Standardized systems for classifying resources to improve the effectiveness of mutual aid assistance agreements
  • Coordination to facilitate the integration of resources for mutual benefit
  • Use of all available resources from all levels of government, nongovernmental organizations, and the private sector, where appropriate
  • The integration of communications and information management elements into organizations, processes, technologies, and decision support
  • The use of credentialing criteria that ensures consistent training, licensing, and certification standards

NIMS essentially boils down to proper planning before an incident, during which time organizations should inventory and categorize their resources by kind and type, including size, capacity, capability, and other characteristics. 

Source: U.S. Department of Homeland Security 

A final word: inter-agency coordination is hard. Poor communication, a lack of shared situational awareness, and a failure to grasp the structures of peer organizations too often doom incident response. By design, ICS was set up to solve each of those challenges and set agencies up for success.

As an additional benefit, the system also provides logistical and administrative support for operational staff and contributes to lower overall operational costs, as fewer efforts get duplicated. Lastly, communication, coordination, and accountability being prerequisites for efficient business-as-usual processes, organizations have also found great success using ICS to effectively allocate their BAU resources.

Appendix: ICS functional areas, organizational structure, and incident team

ICS establishes a full Incident Management team grouped around five functional areas, Command, Operations, Logistics, Planning, and Administration/Finance (depicted below):

illustation_6-removebg-preview

ICS organizational structure

illustation_7-removebg-preview

ICS key roles and responsibilities

Role Responsibilities
Incident Commander
  • In control of the overall management of the incident
  • Assessing the situation and obtaining a briefing from the previous Incident Commander, if applicable. 
  • Determining the incident objectives and strategy.
  • Establishing the immediate priorities.
  • Establishing an Incident Command Center.
  • Establishing an appropriate organization.
  • Scheduling planning meetings, as required.
  • Authorizing and approving the implementation of an Incident Action Plan.
  • Ensuring that adequate safety measures are in place.
  • Coordinating activity for all command and general staff.
  • Coordinating with key people and officials.
  • Approving requests for additional resources or for the release of resources.
  • Keeping the Policy Group informed of the incident status.
  • Approving the use of auxiliary personnel, as required.
  • Authorizing the release of information to the news media.
  • Ordering the demobilization of the incident when appropriate.
  • Approving all information prior to release.
Public Information Officer
  • Verifies, coordinates, and disseminates accurate, accessible, and timely information on the incident’s cause, size, and current situation, for both internal and external use.
  • Gathering information about the incident from Incident Command Center and the response teams.
  • Gathering information related to the type of incident from professional sources, such as response agencies, technical specialists, and emergency response guidebooks.
  • Verifying the accuracy of the information gathered by consulting with the Incident Commander, Incident Command System (ICS) team, response agencies and technical specialists.
  • Coordinating dissemination of information internally to response teams and related resources.
  • Coordinating dissemination of information externally to key stakeholders, media, and the public.
Safety Officer
  • Identify and mitigate hazardous situations. 
  • Ensure safety messages and briefings are made. 
  • Exercise emergency authority to stop and prevent unsafe acts. 
  • Review the Incident Action Plan for safety implications.
  • Assign assistants qualified to evaluate special hazards
  • Initiate preliminary investigation of accidents within the incident area. 
  • Review and approve the Medical Plan. 
  • Participate in planning meetings.
Liaison Officer
  • Act as a point of contact for agency representatives. 
  • Maintain a list of assisting and cooperating agencies and agency representatives. 
  • Assist in setting up and coordinating interagency contacts. 
  • Monitor incident operations to identify current or potential interorganizational problems.
  • Participate in planning meetings, providing current resource status, including limitations and capabilities of agency resources. 
  • Provide agency-specific demobilization information and requirements.
Operations Controller
  • Managing tactical operations, including:
    – Interacting with the relevant people in the next lower level of the organization, to develop the operations portion of the Incident Action Plan
    – Requesting the resources required to implement the tactics as a part of the Incident Action Plan development.
  • Assisting in developing the operations part of the Incident Action Plan. 
  • Supervising the execution of the Incident Action Plan for operations, including:
    – Maintaining close contact with people in subordinate positions. 
    – Ensuring safe tactical operations.
  • Requesting additional resources to support tactical operations, if required.
  • Approving the release of resources from their assigned status.
  • Making or approving changes to the Incident Action Plan during the operational period, as required. 
  • Maintaining close communications with the Incident Commander. 
  • Maintaining the Activity Log.
Planning Controller 
  • Collects, evaluates, processes, and disseminates information for use at the incident.
  • Collecting and processing situation information about the incident. 
  • Supervising preparation of the Incident Action Plan. 
  • Providing input to the Incident Commander in preparing the Incident Action Plan. 
  • Reassigning out-of-service personnel already on-site to ICS organizational positions, as appropriate. 
  • Establishing information requirements and reporting schedules for the Planning Section units.
  • Determining if specialized resources are required to support the incident. 
  • Assembling and disassembling strike teams and task forces not assigned to operations, if requested to do so.
  • Establishing special information collection activities, as required.
  • Assembling information on alternative strategies.
  • Providing periodic predictions on the incident potential.
  • Reporting any significant changes in the incident status.
  • Compiling and displaying incident status information.
  • Overseeing preparation of the Incident Demobilization Plan.
  • Incorporating the Incident Traffic Plan from Ground Support, and other supporting plans into the Incident Action Plan.
  • Maintaining the Activity Log.
Logistics Controller 
  • Supporting incident management operations by:
  • Securing and providing personnel, equipment, facilities, resources and services required for incident resolution.
  • Coordinating personnel.
  • Assembling and deploying volunteer teams.
  • Facilitating communication among incident responders. 
  • Establishing and overseeing the communications center and activities during the incident.
  • Establishing and maintaining critical incident kits.
  • Coordinating access to and distribution of supplies during the incident.
Finance/Administration Controller
  • Managing all financial aspects of the incident.
  • Providing financial and cost analysis information as requested.
  • Gathering pertinent information from briefings with responsible agencies.
  • Developing an operating plan for the Finance/Administration Section.
  • Fulfilling supply and support needs.
  • Determining the need to set up and operate an incident commissary.
  • Meeting with Assisting and Cooperating Agency Representatives, as required
  • Maintaining daily contact with the organization headquarters on finance and administration matters.
  • Ensuring that all personnel accurately complete and transmit their time records to head office or home agencies, according to policy.
  • Providing financial input to demobilization planning.

Source: U.S. Department of Homeland Security, Federal Emergency Management Agency

Citations

i. For reference; see the Laguna fire of 1970, California’s then-third largest wildfire.

ii. Robert L. Irwin: Disaster Response: Principles of Preparation and Coordination. Available at https://web.archive.org/web/20080423021922/http://orgmail2.coe dmha.org/dr/DisasterResponse.nsf/section/07?opendocument&home=html.

iii. Federal Emergency Management Agency: NIMS and the Incident Command System. Available at https://www.fema.gov/txt/nims/nims_ics_position_paper.txt.

iv. Ibid.

v. U.S. Department of Health & Human Services: Office of the Assistant Secretary for Preparedness and Response: What Is An Incident Action Plan? Available at https://www.phe.gov/Preparedness/planning/mscc/handbook/Pages/appendixc.aspx.
New call-to-action
close (3)

Download your copy