Journal of Homeland Security and
Emergency Management
Volume 7, Issue 1
2010
Article 63
Intelligence-Led Mitigation
Keeley Townsend∗
John P. Sullivan†
Thomas Monahan‡
John Donnelly∗∗
∗
Independent Researcher, ktowns@gmail.com
Los Angeles County Sheriff’s Department, jpsulliv@lasd.org
‡
Las Vegas Metropolitan Police Department, t2936m@lvmpd.com
∗∗
DC Fire and Emergency Medical Services, john.donnelly@dc.gov
†
Copyright c 2010 The Berkeley Electronic Press. All rights reserved.
Intelligence-Led Mitigation
Keeley Townsend, John P. Sullivan, Thomas Monahan, and John Donnelly
Abstract
This paper explores methods for capitalizing on existing law enforcement intelligence capabilities to provide intelligence support to decision makers for a full spectrum of public safety and
emergency service operations. Intelligence-led mitigation is a management philosophy and business process to proactively guide strategic, operational, and tactical decisions for mitigating the
effects of intentional, accidental, and natural incidents. There is currently a gap in the intelligence
products needed by public safety and emergency service organizations to support their resource
decisions, and the quantity and quality of intelligence products they are receiving. This breach
between producer and consumer exists across the country and at all levels of government. The
intelligence-led mitigation model was designed to demonstrate how the existing principles and
processes of intelligence-led policing can be applied to a broader set of incidents, incident phases,
and stakeholders in order to effectively and efficiently fill this critical intelligence gap.
KEYWORDS: mitigation, intelligence requirements, risk reduction, situational awareness
Townsend et al.: Intelligence-Led Mitigation
1
Intelligence-led mitigation is a management philosophy and business
process to proactively guide strategic, operational, and tactical decisions for
mitigating the effects of intentional, accidental, and natural incidents.
The premise of intelligence-led mitigation includes the intelligence-led
policing approach for systematically collecting, organizing, analyzing, and
utilizing intelligence to make informed resource decisions. However, while the
goal of intelligence-led policing is to support law enforcement actions for crime
prevention, disruption, and investigation, the goal of intelligence-led mitigation is
to provide organizations with public safety and emergency service functions
(including law enforcement) with intelligence products which enhance their
understanding of the operational environment and enable them to make informed
resource decisions on appropriate preparedness, prevention, protection, response,
and recovery actions to mitigate incidents.
Background
Because intelligence-led mitigation follows the intelligence-led policing approach
and intelligence processes, it is useful to review the principles of intelligence-led
policing and how the approach has been used within the international law
enforcement community. An understanding of the application of intelligence-led
mitigation will be further supported by an examination of the scope of operations
that fall under the umbrella of mitigation within this context, as well as a
comparison of the intelligence-led policing and intelligence-led mitigation
concepts.
Intelligence-Led Policing
Intelligence-led policing has numerous accepted definitions, including:
▪ “the collection and analysis of information to produce an intelligence end
product designed to inform law enforcement decision making at the tactical
and strategic levels.” (110th Congress 2007; DOJ/OJP 2003, p. 3-4)
▪ “a business process for systematically collecting, organizing, analyzing, and
utilizing intelligence to guide law enforcement operational and tactical
decisions.” (Global 2009, p. 3)
▪ “the application of criminal intelligence analysis as an objective decisionmaking tool in order to facilitate crime reduction and prevention through
effective policing strategies and external partnership projects drawn from an
evidential base.” (Ratcliffe 2003, p. 3)
Published by The Berkeley Electronic Press, 2010
2
JHSEM: Vol. 7 [2010], No. 1, Article 63
▪ “a collaborative philosophy that starts with information, gathered at all
levels of the organization that is analyzed to create useful intelligence and an
improved understanding of the operational environment.” (CPT 2006, p. 3)
The concept of intelligence-led policing originated in the United Kingdom
(UK) in the 1990s, “where a seemingly inexorable rise in crime during the late
1980s and early 1990s coincided with increasing calls for police to be more
effective and to be more cost-efficient.” (Ratcliffe 2003, p2) Today, the UK’s
National Intelligence Model promotes the widespread institutionalization of the
intelligence-led policing approach across the UK to “rationalise and systematise
the ways in which the police service handles information and makes key decisions
about the deployment of resources.” (John 2004, p. 2)
Within the United States (US), intelligence-led policing gained popularity
after the events of September 11, 2001, which heightened recognition of the role
intelligence can and should play in local law enforcement decision making. The
concept was first formally introduced stateside by the International Association of
Chiefs of Police at their 2002 Criminal Intelligence Sharing Summit. (IACP 2002)
According to the US Department of Justice National Criminal Intelligence
Sharing Plan (October 2003), “the primary purpose of intelligence-led policing is
to provide public safety decision makers the information they need to protect the
lives of our citizens.” (DOJ/OJP 2004, p. v)
The New Jersey State Police (NJSP) Practical Guide to Intelligence-Led
Policing (September 2006) further describes the principles for implementing an
intelligence-led policing approach to target resource allocation for combating
crime, terrorism, and other law enforcement issues. (CPT 2006, p. 1) The Guide
acknowledges the NJSP’s “primary responsibility as a state policing organization
is to prevent and disrupt crime and terrorism” and that they “will do so by
leveraging an intelligence apparatus that communicates clearly, shares
information, and focuses resources.” (CPT 2006, p. 1)
Thanks to its successful application within the UK and in many domains
within the US, the intelligence-led policing approach is now also being used by
law enforcement and military personnel in Afghanistan. According to a June
2009 British Ministry of Defence report, “intelligence-led policing has allowed
the Afghan National Army, with coalition help, to carry out 146 drug arrests
leading to the first heavy jail sentences (10 to 16 years).” (MOD 2009)
Mitigation
Within the context of public safety and emergency service functions, mitigation
can be defined as actions taken to reduce or eliminate risks—from intentional,
accidental, and natural incidents—that could negatively impact life, property,
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
3
and/or critical services. Mitigation actions can be taken before, during, or after an
incident, and may include measures to reduce threats, abate vulnerabilities, and/or
minimize the severity of incident consequences.
Historically, the term ‘mitigation’ has most commonly been associated
mainly with actions taken to avoid environmental damage or to address natural
disasters. This inclination is supported by two major pieces of legislation:
▪ Code of Federal Regulations, Title 40: Protection of Environment, Part
1508.20 (incorporated into the National Environmental Policy Act) states
that “mitigation includes: avoiding the impact altogether by not taking a
certain action or parts of an action; minimizing impacts by limiting the
degree or magnitude of the action and its implementation; rectifying the
impact by repairing, rehabilitating, or restoring the affected environment;
reducing or eliminating the impact over time by preservation and
maintenance operations during the life of the action; compensating for the
impact by replacing or providing substitute resources or environments.” (40
CFR 1508.20 2009)
▪ The Disaster Mitigation Act of 2000—Public Law 106–390—cites a
Congressional finding that “natural disasters, including earthquakes,
tsunamis, tornadoes, hurricanes, flooding, and wildfires, pose great danger
to human life and to property throughout the United States” and that “predisaster hazard mitigation measures” should be “designed to reduce injuries,
loss of life, and damage and destruction of property, including damage to
critical services and facilities.” (106th Congress 2000)
While the core purpose of mitigation and several elements of mitigation
measures are captured in the above, the application of mitigation actions is far
broader than just environmental protection and natural disaster remediation. For
example, the US Army Technical Escort Unit conducts “rapid deployment to
provide chemical and biological advice, verification, detection, mitigation,
decontamination, escort, and remediation of chemical and biological devices or
hazards worldwide. In accomplishing this mission, it has provided support to,
among others, the Federal Bureau of Investigation, the Federal Emergency
Management Agency, the Environmental Protection Agency, and the United
Nations.” (Bowman 2003, p. 6)
The US Department of Justice currently employs a ‘risk mitigation’
process that requires them to “conduct vulnerability assessments to identify risks
to its critical infrastructure. After the vulnerability assessments, remedial action
plans are required to mitigate the exploitation of risks until the vulnerabilities are
eliminated or reduced to an acceptable level.” (DOJ/OIG 2003, p. iv) The Federal
Bureau of Investigation (FBI) also uses mitigation actions to achieve its strategic
Published by The Berkeley Electronic Press, 2010
4
JHSEM: Vol. 7 [2010], No. 1, Article 63
objective of identifying and responding to weapons of mass destruction (WMD)
threats. The FBI Strategic Plan 2004-2009 identifies that “the FBI must be
prepared to mitigate the threat from a WMD attack through training and
cooperation with state and local law enforcement partners, as well as federal
agencies with homeland security responsibilities.” (FBI 2004, p. 32)
The relationship between intelligence and mitigation is also not an entirely
new concept. The US Department of Homeland Security, Immigration and
Customs Enforcement’s Office of Intelligence provides intelligence support to
law enforcement and homeland security mitigation efforts by: identifying
patterns, trends, routes and methods of criminal activity; prioritizing current
enforcement efforts; predicting emerging or future threats; identifying potential
systemic vulnerabilities; and, identifying methods to mitigate those
vulnerabilities. (ICE 2010) The US Secret Service, which has unique statutory
authorities to use intelligence to prevent attacks on the nation’s leaders and
visiting foreign dignitaries, “is principally a consumer of intelligence which it
analyzes to mitigate threats to those it is charged to protect.” (Randol 2009, p. 49)
Finally, the National Counterproliferation Center (NCPC), which resides
within the Office of the Director of National Intelligence (ODNI), recognizes
mitigation as a part of their mandate to support the Intelligence Community with
countering the proliferation of WMDs. The “NCPC conducts strategic
counterproliferation planning for the IC to support policy efforts to prevent, halt,
or mitigate the proliferation of WMDs, their delivery systems, and related
materials and technologies.” (ODNI 2009, p. 26)
Intelligence-Led Policing
Intelligence-Led Mitigation
At the core of both the intelligence-led policing and intelligence-led mitigation
concepts is the use of the intelligence cycle, which “seeks to set appropriate
tasking priorities for the collection of basic data, process that data into an easily
useable format, analyze it to create situational awareness through intelligence
products that support tactical, operational and strategic needs, then disseminate
those products to customers who provide feedback on what additional or new
intelligence requirements remain. The cycle begins anew as new requirements are
again balanced against command guidance, operational needs, and resource
constraints.” (CPT 2006, p. 6)
Within intelligence-led policing, intelligence products that result from the
intelligence cycle are used by law enforcement agencies to make resource
decisions aimed at increasing the effectiveness and efficiency of actions to
prevent, disrupt, and investigate major crimes and terrorism. (See the New Jersey
State Police Practical Guide to Intelligence-Led policing for more information on
the application of an intelligence-led policing approach.) Within intelligence-led
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
5
mitigation, the same intelligence cycle process is employed, but it is used to
provide intelligence support to a wider stakeholder group, for making resource
decisions in a wider set of applications.
The expanded stakeholder group addressed by intelligence-led mitigation
incorporates all organizations with public safety and/or emergency service
functions. This includes any governmental or private sector organization that has
the responsibility to perform law enforcement, security, fire suppression,
emergency medical service, hazardous material, search and rescue, public health,
environmental health, or emergency management operations. The mitigation
applications for intelligence produced through the intelligence cycle include
preparing for, preventing, protecting against, responding to, and recovering from
intentional, accidental, or natural incidents.
Intelligence-Led
Mitigation (ILM)
Major Crimes, Terrorism
Intentional, Accidental,
Natural Incidents
Evaluation
Collection
Intelligence
Cycle
Dissemination
Analysis &
Production
Prevention, Disruption,
Investigation
Planning &
Direction
Preparedness, Prevention, Protection,
Response, Recovery
Intelligence-Led
Policing (ILP)
Law Enforcement
Public Safety & Emergency Services
[law enforcement, security, fire suppression, EMS,
HazMat, S&R, public health, environmental
health, emergency management]
Figure 1. Intelligence-led mitigation is an expansion of intelligence-led policing.
Published by The Berkeley Electronic Press, 2010
6
JHSEM: Vol. 7 [2010], No. 1, Article 63
It may be difficult to delineate a hard line between ‘policing’ and
‘mitigation’ as they are defined here, but that is because many policing actions are
also essentially mitigation actions (i.e. actions taken to reduce risks). For
example: crime prevention actions can mitigate current threats; the result of
criminal investigations can mitigate future threats; and, actions taken to disrupt
criminal activities can mitigate vulnerabilities. This line is further blurred by the
fact that both intelligence-led policing and intelligence-led mitigation utilize the
same processes for generating intelligence, and many intelligence products can be
used to support both policing and mitigation actions. The two concepts share a
core structure, have related (and in some cases overlapping) elements, and
collectively cover the broad homeland security community for the full spectrum
of homeland security operations. The conceptual distinction is that intelligenceled mitigation supplements the intelligence-led policing stakeholder definition in
order to expand the landscape of intelligence content, context, and customers
served.
Principles
Intelligence-led mitigation involves the use of intelligence products to make
informed resource decisions for appropriate mitigation actions. In order to make
those decisions, strategic leaders, incident commanders, and field operators need
to have a high degree of situational awareness about the operational environment.
Intelligence products that help leaders, commanders, and operators achieve this
level of awareness must be driven by a clear articulation of their intelligence
requirements, which are in turn driven by an understanding of the types of
resource decisions they must be equipped to make.
Situational Awareness
The most common definition of situational awareness is simply ‘knowing what is
going on around you.’ This definition is often narrowly interpreted as
information in a static state, or having a snapshot of how things are right now.
Within the public safety and emergency service context, static situational
awareness could be equated with the information obtained by performing an
initial assessment upon arriving at an incident, without prior knowledge of the
physical environment, intelligence about what led up to the incident, or
intelligence on known or believed incident characteristics (e.g. the presence of
hazardous materials). This level of awareness is insufficient for effective decision
making.
On the other end of the spectrum, dynamic situational awareness involves
the ability to understand the current operational environment, anticipate how that
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
7
environment might change, and ascertain changes as they occur. For a public
safety or emergency service decision maker, having dynamic situational
awareness would mean: having been provided with relevant intelligence prior to
the incident so they could understand the risks associated with that type of
incident occurring in that location (and thus plan accordingly); receiving current
intelligence regarding the incident so they could anticipate how the specific
characteristics of the incident could affect their response operations; and,
receiving intelligence updates throughout the incident so they could ascertain
changes in the operational environment and make appropriate tactical and safety
decisions.
Developing and maintaining dynamic situational awareness requires a
continual supply of intelligence (defined as analyzed data or information) about
the operational environment—before, during, and after an incident. But more
importantly than simply receiving intelligence inputs is receiving accurate,
relevant, timely, and current intelligence. There is an important distinction
between growth and development that is worth noting here: growth is an increase
in size or quantity; development is a maturation of capabilities. Situational
awareness can grow through an influx of mass amounts of intelligence, but the
intelligence may not necessarily be what a commander needs, and the large
quantity of intelligence products may actually hinder the decision making process
because of the need to decipher relevant pieces (what some academics refer to as
‘analysis paralysis’). Acute situational awareness is developed when the
commander has the intelligence he actually needs, when he needs it, in order to
make rapid decisions; it is maintained when the intelligence a commander is
provided is updated and built upon (matured) as the threat or incident
environment evolves. Finished intelligence is never fully ‘finished’ until the
threat has been entirely dissolved or the incident has been fully remediated.
The spiral development approach—a part of the Department of Defense
(DoD) evolutionary acquisition strategy for obtaining mature technology—
provides a parallel model for how dynamic situational awareness can be
developed and maintained. Spiral development includes identifying a desired
capability, without entirely knowing the end state requirements. As the program
evolves, the user is provided “with the best available capability at that time and
then future requirements are developed and refined over time based on
demonstration, risk management, and continuous user feedback.” (Reifer 2006, p.
67) In the case of dynamic situational awareness, the desired capability is an
intelligence-driven understanding of the current risk environment. As the risk
environment or actual incident evolves, decision makers are provided with the
best available intelligence at that time in order to maintain an accurate
understanding of the operational environment. And as with the DoD’s spiral
development approach, dynamic situational awareness requires that appropriate
Published by The Berkeley Electronic Press, 2010
8
JHSEM: Vol. 7 [2010], No. 1, Article 63
intelligence requirements are repeatedly refined through the demonstration of
their utility, updated risk management assessments, and continuous user feedback.
The application of dynamic situational awareness for making strategic,
operational, and tactical decisions for effective mitigation actions is best
demonstrated by the US Air Force Colonel John Boyd’s observe-orient-decide-act
loop (also know as the OODA loop or Boyd Cycle). The OODA loop describes
the decision-making process as a “four-phase cycle that involves Observing the
environment, Orienting to what was observed, Deciding on a course of action, and
Acting.” (Sullivan & Bauer 2008, p. 98) Intelligence plays a critical role in the
Observe and Orient phases. “A decision-maker’s ability to rapidly cycle through
both these phases is strongly dependent on an effective intelligence process with
the capacity and capability to provide a steady flow of quality intelligence. In any
operational environment involving the use of intelligence, the process used to
develop decision support products must be tailored to satisfy both the system’s
knowledge requirements and its desired pace of operations.” (Sullivan & Bauer
2008, p. 98)
The Los Angeles Terrorism Early Warning (TEW) Group model captures
the concept of dynamic situational awareness for their counterterrorism operations
by “establishing, maintaining, sharing and constantly improving situational
awareness” through intelligence support to reduce the degree of uncertainty in a
conflict environment. (Sullivan & Bauer 2008, p. 108) The Los Angeles TEW’s
Concept of Operations further states:
Establishing situational awareness requires the intelligence operation to
routinely track the most dynamic and influential variables within the
conflict environment in order to provide an accurate description of “what
is” at any moment in time. Further, intelligence operations seek to identify
predictable patterns in environmental variables – situational understanding
– in order to provide assessments that reach beyond simply describing
“what is,” but also identifying potential outcomes, or “what will be.”
(Sullivan & Bauer 2008, p. 109)
Intelligence Requirements
Before intelligence analysts and managers can provide decision makers with the
intelligence they actually need to make informed resource decisions on
appropriate strategic, operational, and tactical mitigation actions, they must first
understand the consumers’ intelligence requirements.
An intelligence
requirement in this context can be defined as a requirement for intelligence to fill
a gap in the knowledge or understanding of the operational environment—before,
during, and after an incident.
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
9
For example, if an improvised explosive device was detonated at a
chemical plant, public safety and emergency service decision makers may have
the following general intelligence requirements to help them develop and
maintain dynamic situational awareness of the operational environment:
▪ Pre-incident intelligence on threats to chemical facilities, vulnerability
assessments of chemical facilities, and consequence models for explosions
within chemical facilities. (If available, intelligence on the specific facility
in question would be of greatest benefit, but intelligence on similar facilities
within the sector generally would also prove highly valuable.)
▪ Trans-incident intelligence on known characteristics of the attack, potential
secondary threats to the facility or to the responders, additional facility
vulnerabilities created by compromises to the facility structure or support
infrastructure, and consequence models based on the actual incident (e.g.
plume models for discharged chemicals).
▪ Post-incident intelligence on secondary incidents, updated damage reports
on facility structure and support infrastructure, other affected critical
infrastructure, and updated consequence models, as well as operational best
practices that are identified during the course of incident operations and/or
through the development of the incident after-action report.
The process of identifying intelligence requirements for mitigation actions
requires the active participation of the public safety and emergency service
practitioners that will be using the resulting intelligence products to support their
decision making process. This participation should take place routinely so the
public safety and emergency service managers can better understand the
intelligence lexicon and process. Participation should also begin during the early
stages of the ‘planning and direction’ phase of the intelligence cycle and continue
throughout the cycle via the intelligence analyst and manager utilization of
subject matter experts within public safety and emergency service fields, as well
as detailed feedback from consumers once intelligence products are received and
used. “While the intelligence product’s timeliness and accuracy are critical, the
primary value of the product is determined by its relevance and utility within the
decision-making system it is intended to support (customer satisfaction).”
(Sullivan & Bauer 2008, p. 99) Intelligence analysts won’t be able to satisfy
customers if the customers don’t provide feedback on their level of satisfaction.
As intelligence analysts and managers better understand these intelligence
requirements, they can modify their list of standing and priority information needs
to ensure they are collecting the full spectrum of data and information necessary
to generate intelligence products to meaningfully support mitigation actions.
Published by The Berkeley Electronic Press, 2010
10
JHSEM: Vol. 7 [2010], No. 1, Article 63
Resource Decisions
While the Incident Command System (ICS) was designed to organize on-scene
emergency management, the system structure provides a convenient framework
for illustrating the nature of resource decisions that public safety and emergency
service strategic leaders, incident commanders, and field operators must make.
For example, using ICS categories, the Operations Section Chief could use
intelligence products to identify when and where strike teams are able to safely
operate, determine the need for and optimal placement of air support, and
establish and maintain a secure staging area. The Planning Section Chief could
use intelligence products to inform situation reports, create incident action plans,
and identify the need for contingency plans and technical specialists. The
Logistics Section Chief could use intelligence products to identify requisite
security precautions and anticipate future supply needs.
The ultimate consumer of intelligence under the ICS structure is of course
the Incident Commander—the person responsible for ensuring that incident
operations are not only effective, but also that they are conducted in a manner
which protects the safety of victims and responders alike. The primary mission
for intelligence producers within this framework is therefore to provide
commanders with intelligence products that support their ability to make critical
decisions with speed and confidence. “In the world of emergency response,
managing safety is fundamentally a question of managing risk. Because dangers
are inevitable, decisionmakers must weigh the potential benefits of response
activities against the risks involved. The ability to perform such risk-benefit
analysis effectively depends on ready access to accurate and comprehensive
information [intelligence].” (Jackson 2004, p. 23)
An examination of strategic, operational, and tactical intelligence and the
general categories of decisions they support provides another way to break down
resource decisions related to mitigation actions that can be supported by
intelligence products. Within the realm of intelligence-led mitigation:
▪ Intelligence for strategic decisions refers to the intelligence required for the
formation of policies or plans at agency, city, regional, or state levels. For
example, a public safety or emergency service organization receives
intelligence that an adversary overseas has recently been employing a new
type of chemical weapon, and that there is reason to believe they have the
desire and reasonable capability to use it stateside. The organization can
create a policy requiring personnel to use appropriate monitoring equipment
at all incidents to immediately determine if this type of chemical is present
at an incident site. They can also establish a city-wide plan outlining
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
11
protocols for appropriate medical countermeasures if this type of chemical
is used. These actions would help mitigate the consequences of an incident.
▪ Intelligence for operational decisions refers to the intelligence required for
planning and conducting operations to accomplish strategic objectives
within operational areas. For example, a public safety or emergency service
organization receives intelligence that munitions are being stored at an
unmarked federal facility within the response area of responsibility of a
local fire department battalion and law enforcement precinct. The
intelligence includes the facility specifications and munitions properties,
and an assessment that some structures within the facility may not be able to
withstand hurricane force winds or a moderate earthquake. The fire
department and law enforcement units can use that intelligence to identify
appropriate training and exercises for their units, perform familiarization
drills with the facility operators, and draft contingency plans for structure
collapse. These actions would help mitigate vulnerabilities of both the
facility and the responders.
▪ Intelligence for tactical decisions refers to the intelligence required for the
planning and conduct of tactical operations. For example, a public safety or
emergency service organization receives intelligence that an adversary
wishes to arm ambulances with vehicle borne improvised explosive devices
and detonate them at incident scenes to target first responders. Follow-up
intelligence indicates that an ambulance and first responder uniforms were
both recently reported missing. Law enforcement units at an incident can
use that intelligence to decide on setting a wider perimeter area around the
incident and to search all ambulances entering the perimeter. These actions
would help mitigate both a threat and the vulnerability of responders.
The oil industry provides a good illustration of an intelligence-led
mitigation approach that is being used today to make resource allocation
decisions. The principles of Tiered Preparedness and Response were developed
during the 1980s by oil industry companies and promoted by the International
Maritime Organization to ensure a risk-based system for identifying and
structuring capabilities for effectively responding to an oil spill anywhere in the
world. The system includes first looking at data on identified events that could
lead to an oil spill, the likelihood of occurrence, and the potential impacts, and
then developing scenarios that can be used to identify the most effective and
efficient resource configurations for mitigating spill-associated risks. Specific
data points examined include the probability of an oil spill, spill volume, oil type,
climate, terrain, proximity to and sensitivity of socio-economic resources, and the
feasibility to mount a safe and effective response. (IPIECA 2007, p. 6) In
practice, the analysis of this data produces intelligence that is used by the oil
Published by The Berkeley Electronic Press, 2010
12
JHSEM: Vol. 7 [2010], No. 1, Article 63
industry and relevant government bodies to make informed resource decisions for
their strategic, operational, and tactical mitigation actions.
Implementation
The most fundamental need for implementing an intelligence-led mitigation
approach is to get intelligence producers and consumers to pursue a common
mission and communicate with a common lexicon. It’s probably fair to say that
the intelligence cycle is not an intuitive process for most public safety and
emergency service personnel, and that the Incident Command System is not an
intuitive process for most members of the federal Intelligence Community or state
/ local intelligence units. Therefore achieving a state where intelligence producers
are able to provide intelligence products that meet consumer needs requires that
both sides proactively teach, learn, and find common ground. The following
provides some basic actions that organizations and personnel on both sides can
take to enhance their collective intelligence capabilities.
Intelligence Producers
Know your consumers:
▪ Understand the roles and responsibilities of public safety and emergency
service personnel, including the types of incidents they operate at and the
mitigation functions they perform. This can be done by interviewing
personnel, studying the Incident Command System, observing planning
meetings and exercises, and reading incident after-action reports.
▪ Identify the types of intelligence that could support consumer needs. While
researching public safety and emergency service mitigation functions,
capture the potential pieces of intelligence or intelligence products that
could help strategic leaders, incident commanders, and field operators make
effective resource decisions to execute those functions.
Engage with your consumers:
▪ Solicit input from public safety and emergency service personnel
throughout the intelligence cycle process to ensure a thorough
understanding of their intelligence needs and to ensure the intelligence unit
or center has the necessary components in place to meet those needs.
▪ Provide consumers with a robust feedback mechanism to capture whether or
not the intelligence provided was: accurate—validated by experience within
the operational environment; relevant—supported the ability to make
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
13
appropriate resource decisions; timely—was received when actually
needed; and, current—was not superseded by concurrent intelligence
products from other sources or by observed conditions.
Intelligence Consumers
Know your producers:
▪ Understand the federal, state, local, and private sector producers of
intelligence that exist, and their intelligence production capabilities. Reach
out to these producers to better understand what they do and how they
operate.
▪ Learn from best practices.
Identify existing relationships between
intelligence producers and other public safety and emergency service
organizations to better understand how resource decisions for mitigation
functions can be supported by intelligence products.
Engage with your producers:
▪ Solicit intelligence support from intelligence producers, instead of waiting
for them to make an offer. Producers may not be aware there are potential
consumers out there who could benefit from existing intelligence products
and/or an expansion of the current product line.
▪ Use the intelligence products and provide feedback to help shape future
products. Many intelligence producers will be eager to effectively serve the
public safety and emergency service communities, but will be ineffective
without honest feedback on the utility of the intelligence they are providing.
Intelligence Centers
Mitigation actions are generally most effective when they are the result of
collaborative actions by multiple agencies and/or disciplines. Logically, the
intelligence products to support those actions are generally best suited to meet
consumer needs when they are the result of collaborative intelligence production
efforts. There are currently numerous multiagency / multidisciplinary intelligence
centers which are either currently producing intelligence products to support
mitigation actions, or are currently capable of doing so. Some of these centers are
managed by federal agencies, including Department of Defense Joint Intelligence
Operations Centers (JIOCs) and FBI Joint Terrorism Task Force (JTTFs), while
others are managed by state and local authorities, including Terrorism Early
Warning Groups (TEWs) and state/regional/local fusion centers.
Published by The Berkeley Electronic Press, 2010
14
JHSEM: Vol. 7 [2010], No. 1, Article 63
There is no single intelligence center model that will fit the unique
intelligence production needs within every operational environment. However,
examining techniques employed within other centers may help intelligence
analysts and managers identify approaches and products their centers could adopt
to better support mitigation actions. Examples of how several intelligence centers
have addressed the intelligence needs of public safety and emergency service
organizations include:
▪ The Los Angeles Terrorism Early Warning Group (TEW) developed an
Intelligence Preparation for Operations (IPO) process—modeled after the
military’s Intelligence Preparation of the Battlefield approach—to meet the
intelligence needs of the response community. The IPO process includes
the use of a wide variety of information on local, national, and international
threats, the local response environment (e.g. population, terrain, weather,
and culture), and local response capabilities. The TEW model analyzes this
information to produce tailored intelligence products to support
preparedness and response for named areas of interest (potential target
locations) and likely incident scenarios.
▪ The Southern Nevada Counter-Terrorism Center (SNCTC) generates
intelligence products that address counter-terrorism, emergency
management, and chemical, biological, radiological / nuclear, and explosive
incident (CBRNE) response mitigation functions. Intelligence sharing by
the Center occurs across federal, state, local, tribal, territorial, regional, and
private sector entities to achieve coordinated awareness of, prevention of,
protection against, and response to domestic and international terrorist
threats, as well as major disasters and other emergencies.
▪ The Washington Regional Threat and Analysis Center (WRTAC) facilitates
the flow of intelligence across multiple levels and sectors of government
and private industry in order to protect and secure the District of Columbia
(DC) and the surrounding region. The WRTAC works with the DC Office
of Homeland Security and Emergency Management Agency (HSEMA) and
Emergency Operations Center to provide intelligence support for mitigation
actions through the development of products designed to enhance
situational awareness and create a Common Operating Picture before and
during an incident.
Conclusion
Effectively reducing the risks associated with an event requires first reducing the
number of unknowns about that event. This principle is especially applicable to
mitigating the negative impacts of incidents that could threaten life, property, and
critical services.
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
15
The unknowns about incidents—including terrorist attacks, industrial
accidents, and natural disasters—and ergo the risks associated with those
incidents can be significantly abated by providing law enforcement, security, fire
suppression, emergency medical service, hazardous material, search and rescue,
public health, environmental health, and emergency management organizations
with accurate, relevant, timely, and current intelligence. Intelligence products
must meet the actual mitigation-related intelligence requirements of these public
safety and emergency service consumers in order to meaningfully support their
ability to understand the operational environment, anticipate how that
environment might change, and ascertain changes as they occur.
Intelligence products must also be provided to these consumers when they
are actually needed. There is a tremendous amount of long-range preplanning
involved in developing the requisite operational capabilities, capacities, and
proficiencies to prevent, protect against, respond to, and recover from current and
future threats. Receiving intelligence products on these threats and related
assessments at the earliest possible moment is an imperative component for
enabling strategic leaders to make the appropriate resource decisions. And as the
threats or incidents evolve, incident commanders and field operators must
continue to be provided with the best available intelligence in order to maintain
acute situational awareness of the environment within which they are operating.
There is currently a gap in the intelligence products needed by public
safety and emergency service organizations to support their resource decisions,
and the quantity and quality of intelligence products they are receiving. This
breach between producer and consumer exists across the country and at all levels
of government.
The intelligence-led mitigation model was designed to
demonstrate how the existing principles and processes of intelligence-led policing
can be applied to a broader set of incidents, incident phases, and stakeholders in
order to effectively and efficiently fill this critical intelligence gap.
References
106th Congress, 2000. Disaster Mitigation Act of 2000 (Public Law 106–390).
Washington DC: Government Printing Office. Retrieved from
http://frwebgate.access.gpo.gov/cgibin/getdoc.cgi?dbname=106_cong_public_laws&docid=f:publ390.106.pdf
110th Congress, 2007. Implementing Recommendations of the 9/11 Commission
Act of 2007 (Public Law 110-53). Washington DC: Government Printing
Office.
Retrieved
from
http://frwebgate.access.gpo.gov/cgibin/getdoc.cgi?dbname=110_cong_public_laws&docid=f:publ053.110.pdf
Published by The Berkeley Electronic Press, 2010
16
JHSEM: Vol. 7 [2010], No. 1, Article 63
Bowman, S., 2003. Homeland Security: The Department of Defense's Role
(Congressional Research Service, RL31615). Washington DC: Library
of
Congress.
Retrieved
from
http://www.dtic.mil/cgibin/GetTRDoc?AD=ADA463091&Location=U2&doc=GetTRDoc.pdf
Center for Policing Terrorism at the Manhattan Institute (CPT), 2006. New Jersey
State Police Practical Guide to Intelligence-Led Policing. New York, NY:
Manhattan Institute for Policy Research. Retrieved from http://www.cptmi.org/pdf/NJPoliceGuide.pdf
Code of Federal Regulations Title 40: Protection of Environment (40 CFR
1508.20), 2009. Washington DC: Government Printing Office. Retrieved from
http://ecfr.gpoaccess.gov/cgi/t/text/textidx?c=ecfr&sid=8c7d0cb38679080debcf2b6c41cba048&rgn=div8&view=
text&node=40:32.0.3.3.9.0.29.20&idno=40
International Association of Chiefs of Police (IACP), 2002. Criminal Intelligence
Sharing: A National Plan for Intelligence-Led Policing at the Local, State
and Federal Levels. Proceedings of the International Association of Chiefs
of Police (IACP) Criminal Intelligence Sharing Summit,
http://www.cops.usdoj.gov/files/RIC/Publications/criminalintelligenceshar
ing_web.pdf
International Petroleum Industry Environmental Conservation Association
(IPIECA), 2007. IPIECA Guide to Tiered Preparedness and Response Volume 14. London, UK: International Petroleum Industry Environmental
Conservation Association. Retrieved from
http://www.ipieca.org/activities/oilspill/downloads/publications
Jackson, B. A., Baker, J. C., Ridgely, M. S. , Bartis, J. T. , & Linn, H. I., 2004.
Protecting Emergency Responders: Safety Management in Disaster and
Terrorism Response (Department of Health and Human Services, Centers
for Disease Control and Prevention, National Institute for Occupational
Safety and Health Publication No. 2004-144; RAND Publication No. MG170). Cincinnati, OH: National Institute for Occupational Safety and
Health, Publications Dissemination. Retrieved from
http://www.cdc.gov/niosh/docs/2004-144/pdfs/2004-144.pdf
John, T., & Maguire, M., 2004. The National Intelligence Model: Key Lessons
from Early Research (ISBN 1 84473 308 4). London, UK: Home Office,
Research Development and Statistics Directorate, Communication
Development Unit. Retrieved from
http://www.homeoffice.gov.uk/rds/pdfs04/rdsolr3004.pdf
Ministry of Defence (MOD), 2009. Reconstructing lashkar gah. Defence Focus
Magazine, June 25, 2009. Retrieved from
http://www.mod.uk/DefenceInternet/DefenceNews/DefencePolicyAndBus
iness/ReconstructingLashkarGah.htm
http://www.bepress.com/jhsem/vol7/iss1/63
Townsend et al.: Intelligence-Led Mitigation
17
Office of the Director of National Intelligence (ODNI), 2009. National
Intelligence: A Consumer's Guide. Retrieved from
http://www.dni.gov/IC_Consumers_Guide_2009.pdf
Randol, M., 2009. The Department of Homeland Security Intelligence Enterprise:
Operational Overview and oversight Challenges for Congress
(Congressional Research Service R40602). Washington DC: Library of
Congress. Retrieved from
http://assets.opencrs.com/rpts/R40602_20090527.pdf
Ratcliffe, J., 2003. Intelligence-Led Policing (ISBN 0 642 24297 6). Canberra,
Australia: Australian Institute of Criminology. Retrieved from
http://www.aic.gov.au/documents/7/E/8/%7B7E86F617-9151-4300B53B-D45F6F876360%7Dti248.pdf
Reifer, D., & Boehm, B., 2006. Providing Incentives for Spiral Developments: An
award fee plan. Defense Acquisition Review Journal, 12(1). Retrieved
from
http://www.dau.mil/pubscats/PubsCats/AR%20Journal/Reifer%20final.pdf
Sullivan, J., & Bauer, A., 2008. Terrorism Early Warning: 10 Years of
Achievement in Fighting Terrorism and Crime. Los Angeles, CA: Los
Angeles County Sheriff's Department. Retrieved from
http://www.lasd.org/tew/TEW2009.pdf
U.S. Department of Homeland Security, Immigration and Customs Enforcement
(ICE), 2010. Retrieved from http://www.ice.gov/intel/
U.S. Department of Justice, Federal Bureau of Investigations (FBI), 2004. Federal
Bureau of Investigation Strategic plan 2004-2009. Retrieved from
http://www.fbi.gov/publications/strategicplan/strategicplanfull.pdf
U.S. Department of Justice, Global Justice Information Sharing Initiative
(Global), 2009. Navigating Your Agency’s Path to Intelligence-Led
Policing. Retrieved from http://it.ojp.gov/docdownloader.aspx?ddid=1082
U.S. Department of Justice, Office of the Inspector General (DOJ/OIG), 2003.
Department Critical Infrastructure Protection: Implementing Plans to
Protect Cyber-based Infrastructure (Audit Report 04-05). Retrieved from
http://www.justice.gov/oig/reports/plus/a0405/final.pdf
U.S. Department of Justice, Office of Justice Programs (DOJ/OJP), 2003. The
National Criminal Intelligence Sharing Plan. Retrieved from
http://it.ojp.gov/documents/National_Criminal_Intelligence_Sharing_Plan.
pdf
Published by The Berkeley Electronic Press, 2010