CERT Resources
Special Topics
Organizing CERT Teams
Organizing CERT Teams
Real incidents are chaotic, and CERT members have little or no experience in dealing with the chaos outside of drills and exercises. To bring order to chaos, CERTs are organized under the principles of the Incident Command System (ICS). CERT members, however, may have difficulty understanding how ICS works. This topic provides tips for making ICS easier for CERT members to understand.
Click on the links below to access more information about CERTs and ICS:
- Management Principles and ICS
- ICS Functions
- Applying ICS Principles to CERTs
- Expanded CERT Organization
- Training and Exercising
Management Principles and ICS
First responders who use ICS daily understand the advantages of flexible organization and manageable span of control that ICS offers. In an actual event, professional responders use ICS to divide activities into functional groups so that:
- There are clear lines of supervision.
- The person with decisionmaking authority (i.e., the Incident Commander) is not overwhelmed.
- There is a limited span of control for each leader or manager.
ICS Functions
ICS functions are similar to those used in the workplace. Management (the Incident Commander) sets priorities and makes decisions about what is to be done based on the information received from staff functions:
- Operations implements the decisions made by the Incident Commander.
- Planning receives, filters, and compiles information coming in from the incident scene.
- Logistics ensures that the personnel, equipment, and tools required by operations to implement the Incident Commander's decisions are in the right place at the right time in the right quantities.
- Administration collects all incident data after it has been compiled, acted on, and/or is no longer needed.
Applying ICS Principles to CERTs
In simple terms:
- Management (the CERT Team Leader) is responsible for deciding what is to be done.
- Operations is responsible for how it gets done.
- Logistics is responsible for how it gets supported.
- Planning is responsible for determining what is going on and how the information gets communicated and/or displayed.
- Administration is responsible for how everything gets documented.
The CERT/ICS Command function is shown in the organization chart below.
Expanded CERT Organization
To maintain a manageable span of control, each ICS section can be expanded or contracted as necessary. For example, teams assigned to the Operations Section are shown in the organization chart below. Note that each type of team has a Group Leader who reports directly to the Operations Section Chief.
An expanded CERT Operations Section is shown below. Note that, just as the CERT/ICS organization can expand to meet the needs of an unfolding event, it can also contract as the event winds down.
Training and Exercising
ICS and incident management are areas that will require training beyond that provided in the basic CERT materials. If possible, develop an additional module to provide additional information about how to establish an incident command, select incident facilities, and apply the principles of ICS to CERT.
Finally, provide exercises that allow CERTs to apply what they've learned about ICS in a simulated incident. Be sure to conduct a thorough debriefing so that lessons learned are identified and the CERT members' questions are answered.