Capabilities of a Disaster Management System
US National Institute of Justice Report
Capabilities Identified
| Feature | Description |
|---|---|
| 1.1 | Application models |
| 1.1.1 | Does the product use the application service provider (ASP) application model? |
| 1.1.2 | Does the product use the local area network (LAN) hosted client-server model? |
| 1.1.3 | Does the product use a hybrid of the ASP and LAN models? |
| 1.2 | Server hardware/OS |
| 1.2.1 | Does the product support a server hardware configuration that allows the product to be run at a vendor-managed site (ASP)? |
| 1.2.2 | Does the product support a server hardware configuration that allows the product to be run at a customer-managed site (LAN)? |
| 1.2.3 | Does the product support a server hardware configuration specification that allows the product to be run at a customer-managed site and at a vendor-managed site simultaneously (hybrid)? |
| 1.2.4 | Does the product run on industry-standard server operating systems? |
| 1.3 | Server application software installation |
| 1.3.1 | Can all server software required to use the product be installed by a midlevel system administrator? |
| 1.4 | Server application software |
| 1.4.1 | Does the server application software provide robust performance in a single-site, mid-tier user environment? |
| 1.4.2 | Does the server application software support and provide robust performance in a multi-site, mid-tier user environment? |
| 1.5 | Client hardware/OS |
| 1.5.1 | Does the product support user access from a personal computer? |
| 1.5.2 | Does the product support user access from a personal digital assistant (PDA)? |
| 1.5.3 | Does the product support user access from a pager? |
| 1.5.4 | Does the product support user access from a digital cellular phone? |
| 1.5.5 | Does the product support telephony (keypad data entry) user access? |
| 1.6 | Client application software installation |
| 1.6.1 | Can all required client software to use product be installed by the typical end user? |
| 1.6.2 | Can all required client software be remotely installed by the system administrator? |
| 1.7 | Client application (user interface) |
| 1.7.1 | Does the product support a standard Web browser as the user interface? |
| 1.7.2 | Does the product support a nonbrowser software application that runs on top of the operating system as the user interface (e.g., a Windows application)? |
| 1.7.3 | Is the user interface user friendly? |
| 1.7.4 | Is sufficient user training available? |
| 1.7.5 | Is reporting capability available? |
| 1.8 | Administration/maintenance |
| 1.8.1 | Is the application administration user friendly and can it be done by a midlevel systems administrator? |
| 1.8.2 | Is the user administration robust and user friendly? |
| 1.8.3 | Is the upgrade procedure user friendly? |
| 1.9 | Communication/integration |
| 1.9.1 | Can users that are not local (via LAN) to the application server access the application? |
| 1.9.2 | Does the product integrate with office automation applications? |
| 1.9.3 | Can data be imported from outside systems? |
| 1.9.4 | Can data be exported to outside systems? |
| 1.9.5 | Does it support alert notification with auto call script? |
| 1.9.6 | Has the product been integrated to exchange information with other agencies? |
| 1.9.7 | Can the product autopopulate a Web site to be used for public information? |
| 1.10 | General security environment feature comparison |
| 1.10.1 | Does the product provide well-documented secure usage capabilities? |
| 1.10.2 | Does the product utilize networking protocols that ensure good security? |
| 1.10.3 | Does the product work with firewalls in a secure manner? |
| 1.10.4 | Does the product provide the capability to handle e-mail in a secure manner? |
| 1.10.5 | Does the product require a username/password to access the software and provide the capability to handle usernames/passwords in a secure manner? |
| 1.10.6 | Does the product make use of a Web server? |
| 1.10.7 | If the product is a LAN-based application, is remote access permitted? |
| 1.10.8 | Does the product work properly with common computer security tools? |
| 1.10.9 | Can the product be configured to alert on suspicious activity? |
| 1.10.10 | Does the product provide event logging? |
| 1.10.11 | Does the product provide secure user data access control mechanisms? |
| 1.10.12 | Do the databases used by the product responsibly handle overflows? |
| 1.10.13 | Does the product store data in a secure manner? |
| 1.11 | ASP security environment feature comparison |
| 1.11.1 | Does the ASP provide documented security plans? |
| 2.1 | General functions |
| 2.1.1 | Is the product is structured to support operations along organizational roles? |
| 2.1.2 | Does the product generate an incident/event log (using “event” to denote either event or incident)? |
| 2.1.3 | Does the product comply with ESF or ICF protocols? |
| 2.1.4 | Does the product have date stamps universally available throughout the product? |
| 2.2 | Organization structure |
| 2.2.1 | Does the product support the different functional roles within an ICS organizational structure? |
| 2.2.2 | Does the product support the different functional roles within an ESF organizational structure? |
| 2.2.3 | Does the product allow the user to build an ad hoc organizational structure? |
| 2.3 | Events |
| 2.3.1 | Does the product permit the linkage between incidents and events? |
| 2.3.2 | Is the product structured to support the management of different types of incidents/events (using “event” to denote either incident or event)? |
| 2.3.3 | Does the product support multiple events (using “event” to denote either incident or event)? |
| 2.3.4 | Can the product support incident/event activities (using “event” to denote either incident or event)? |
| 2.3.5 | Can the product be used to manage nominal (day-to-day) activities (using “event” to denote either incident or event)? |
| 2.3.6 | Can the product be used to manage high profile incidents (using “event” to denote either incident or event)? |
| 2.3.7 | Can the product be used to perform exercises concurrent with daily operations? |
| 2.3.8 | Can the product be used to perform individual training concurrent with daily operations? |
| 2.4 | Planning |
| 2.4.1 | Does the product support the development of incident/event plans and annexes (using “event” to denote either incident or event)? |
| 2.4.2 | Does the product provide predefined templates for various incidents/events (4=pre-plan defined, 3=template) (using “event” to denote either incident or event)? |
| 2.4.3 | Does the product support the development of planning templates? |
| 2.4.4 | Does the product support the development of standard operating procedures and checklists? |
| 2.4.5 | Does the product support the development of contact lists/personnel databases? |
| 2.4.6 | Does the product contain duty roster capabilities? |
| 2.4.7 | Does the product provide the means to collect historical and predictive data for risk assessment and mitigation? |
| 2.5 | Operations execution |
| 2.5.1 | Does the product support the execution of emergency operations procedures (using “event” to denote either incident or event)? |
| 2.5.2 | Does the product support the execution of checklists? |
| 2.5.3 | Does the product provide alert notification capabilities? |
| 2.5.4 | Does the product provide essential contact capabilities? |
| 2.5.5 | Does the product provide the capability to assign tasks? |
| 2.6 | Resource management |
| 2.6.1 | Does the product allow user to maintain a current inventory of available resources? |
| 2.6.2 | Does the product allow the user to assign tasks to resources? |
| 2.6.3 | Does the product manage people resources? |
| 2.6.4 | Does the product manage equipment resources? |
| 2.6.5 | Does the product manage supply resources? |
| 2.6.6 | Does the product manage facility (hospital, shelters, etc.) resources? |
| 2.6.7 | Does the product support cost management? |
| 2.6.8 | Does the system provide status, alerts, and alarms for emergency resources? |
| 2.7 | Organizational communications (local, regional, State, national, external agencies) |
| 2.7.1 | Does the product provide an automated method of interfacing to other EMAs and/or EMAC? |
| 2.7.2 | Does the product provide an automated method of interfacing to other civil authorities or private-sector elements? |
| 2.7.3 | Does the product provide an automated status of the various field emergency command centers? |
| 2.8 | Displays |
| 2.8.1 | Does the product provide geographic information system (GIS) capabilities? |
| 2.8.2 | Is the product integrated with GIS capabilities? |
| 2.8.3 | Does the GIS product support the development of briefing and presentation materials (using “event” to denote either incident or event)? |
| 2.9 | Interfaces |
| 2.9.1 | Does the product’s GIS system provide integration with various sensors? |
| 2.9.2 | Can the GIS system be integrated with control systems? |
| 2.10 | Incident/event modeling |
| 2.10.1 | Does the product interface with modeling packages? |
| 2.10.2 | Does the product model threats to the safety of people, including warning and evacuation (5–4=allows model to activate incident responses with EMA concurrence, 3=provides integrated GIS modeling display, 2–1=overlays model on displays)? |
| 2.10.3 | Does the product model the containment of an incident, including road transit around the incident (5–4=allows model to activate incident responses with EMA concurrence, 3=provides integrated GIS modeling display, 2–1=overlays model on displays)? |
| 2.10.4 | Does the product model road transit for traffic control around an incident or for evacuations (5–4=allows model information to activate incident responses with EMA concurrence, 3=provides integrated GIS modeling display, 2–1=overlays model on displays)? |
| 2.10.5 | Does the product model damage prediction (5–4=allows model information to activate incident responses with EMA concurrence, 3=provides integrated GIS modeling display, 2–1=overlays model on displays)? |
| 2.11 | Reference data |
| 2.11.1 | Does the product provide links to different types of reference data? |
| 2.11.2 | Does the product provide access to public Web sites? |
| 2.11.3 | Does the product provide information on points of contact for all organizations, both public and private? |
| 2.12 | Reporting |
| 2.12.1 | Does the product provide standard reports? |
| 2.12.2 | Does the product provide user-defined incident reports? |
| 2.12.3 | Does the product provide ICS-compliant incident action plan reporting forms? |
| 2.12.4 | Does the product provide ICS-compliant initial incident information reporting forms? |
| 2.12.5 | Does the product provide ICS-compliant planning forms? |
| 3.1 | Help desk |
| 3.1.1 | Does the vendor provide help desk services? |
| 3.2 | Upgrades |
| 3.2.1 | Does the vendor provide version upgrades? |
| 3.3 | Consulting |
| 3.3.1 | Does the vendor offer consulting services? |
| 3.4 | User groups |
| 3.4.1 | Have user groups been established? |
