How to Comply with ISO 22320
International emergency management standard, ISO 22320 lays out some minimum requirements for a command and control system deployed during an incident response which requires multiple emergency management agencies.
But with critical events increasing in kind and intensity, how do you comply with ISO 22320 efficiently? Read the article to find out.
ISO 22320 requirements for command and control in incident response
Well, what are some of the specific requirements included in the standard?
Even though ISO 22320 is a loose framework for establishing the basics of command and control within a single incident response organization, it does touch on precise aspects of incident management, including structures and procedures, decision support, traceability, information management, and, of course, interoperability.
For instance, an ISO-compliant command and control system must be able to perform certain documented actions, such as the following:
- Establishing and updating goals and objectives for the incident response
- Determining roles, responsibilities, and relationships
- Establishing rules, constraints, and schedules
- Ensuring legal compliance and liability protection
- Monitoring, assessing, and reporting on the situation and progress
- Recording key decisions
- Managing resources
- Disseminating information
Digital technology to facilitate command and control in incident response
Managing resources stands out among the list. But for resource management to be effective in compliance with ISO 22320, flexible processes must be put in place first. And these processes will ensure that resources remain available and functional throughout the incident response.
But how can agencies make that happen? That’s where digital emergency management technology comes in.
Relevant digital technology capabilities to help compliance with ISO 22320 include:
- Centralized response planning.Capabilities should work to effectively prepare for disruption by managing all incident, crisis, and emergency response plans in a centralized location. This facilitates standardization of response plan templates, protocols, and guidelines, ensuring easy access, enhanced coordination, and reduced risk of critical information being missed.
- Situational awareness.Digital technology should help equip organizations with situational awareness and threat intelligence to quickly detect emerging threats. Integrated data should help organizations easily identify potentially impacted people or assets so they can swiftly to adapt to evolving events, communicate with stakeholders, and escalate any event.
- Emergency communications.Digital technology should come equipped with in-built crisis communication and collaboration tools like chat, email, SMS, voice, and app push messages. That way they make it easy to work in real-time with teams, better coordinate the response, and keep everyone informed.
- Post-incident reviews.Agencies and organizations should have the ability to conduct meaningful after-action reviews, improvement activities, and post incident reviews to capture the key takeaways from any incident or exercise.
- Data and analytics.Of course, analytics and reporting aren’t just important in the context of post-incident reviews. They’re relevant throughout the emergency management lifecycle. And to that end, digital technology should provide for the analysis of trends and creation of dashboards to visualize metrics important to the organization or agency.
Specific capabilities, here, include create custom reports as PDF or Word documents and share with stakeholders to improve data visibility, accountability, and lessons learned.
Those capabilities, however, only scratch the surface of what’s needed to fully comply with ISO 22320. What other features of an emergency management software platform should agencies be looking for? Download our guide, Digital Technology Needed to Implement ISO 22320: Emergency management requirements for command and control, to find out.