Source: Centers for Disease Control and Prevention Public Health Associates (June 2023).

Five Key Domains of Incident Management

Throughout the United States, incident management is often closely associated with the Incident Command System (ICS), the National Incident Management System (NIMS), and other federal doctrine. However, effective incident management is not necessarily about alignment with doctrine. Instead, it is about a set of activities for managing an incident. Although ICS-NIMS may play a role in guiding those activities, conflating policy doctrine with activity risks turns incident management into a box-ticking exercise. It can create barriers to engaging with those who do not use ICS-NIMS – whether because they disagree with the utility of ICS-NIMS doctrine, lack training, or have adapted or supplemented ICS-NIMS to meet their community’s needs. A new free toolkit can help incident management teams assess and maintain their effectiveness.  

RAND recently completed a five-year project funded by the Centers for Disease Control and Prevention to characterize and develop measures related to the set of activities necessary for incident management. As part of this project, discussions with more than 50 incident managers and other experts and existing doctrine and research on incident management helped to identify five key domains that together comprise incident management: 

  1. Situational Awareness and Information Sharing; 
  2. Incident Action and Implementation Planning; 
  3. Resource Management and Mobilization; 
  4. Coordination and Collaboration; and 
  5. Feedback and Continuous Quality Improvement. 

The following sections provide greater detail on each of these domains. 

Domain 1: Situational Awareness and Information Sharing 

What this domain includes: This domain encompasses the perception and characterization of incident-related information to identify response needs. 

Why this domain matters: Incidents evolve over time. Identifying incidents as they emerge, characterizing them, and sharing information are necessary steps in starting the incident management process. These steps are also continued activities fundamental to adapting to the environment. 

Domain 2: Incident Action and Implementation Planning 

What this domain includes: This domain encompasses the ongoing articulation and communication of decisions in coherent incident action plans. 

Why this domain matters: Incident management requires decision-making – decisions must be made for actions to occur. By its nature, incident management is a team effort, so decisions must be articulated in incident action and implementation plans. 

Domain 3: Resource Management and Mobilization 

What this domain includes: This domain encompasses the deployment of human, physical, and other resources to match ongoing situational awareness, identification of roles, and relevant decisions. 

Why this domain matters: Incident management necessitates having the right human, material, and organizational resources at the right place, at the right time, and in the right amount. Ad hoc efforts to procure and deliver resources may result in less-than-ideal outcomes. Therefore, formal processes through resource management and mobilization are necessary. 

Domain 4: Coordination and Collaboration 

What this domain includes: This domain encompasses engagement and cooperation between different stakeholders, teams, and departments in managing the incident. 

Why this domain matters: Many different people and organizations are involved in incident management – from small nongovernmental organizations and community leaders with insight into specific populations to large government entities providing technical support and critical expertise. Listening, harmonizing, and collaborating are how these stakeholders can work together. 

Domain 5: Feedback and Continuous Quality Improvement 

What this domain includes: This domain encompasses the need for ongoing evaluation and refinement of incident management processes. 

Why this domain matters: Incidents are periods of near-constant change, meaning that efforts must be made to step back, understand what is and is not working well, and develop course corrections. Change also occurs over a long period at a slower scale, so similar processes should be enacted. 

These domains are core to incident management – regardless of the incident, incident management team, and policy doctrine that members of the incident management team are using. Understanding them can help ensure incidents are managed appropriately using practices that can quickly and efficiently resolve them. 

Additional Information and a Free Toolkit 

These domains can help teams enhance their incident management practices. More information on these domains is available in the 2022 Disaster Medicine and Public Health Preparedness article, “Conceptual Framework for Understanding Incident Management Systems During Public Health Emergencies.” Drawing on these domains and in partnership with 20 public health and non-public health incident management teams managing fires, floods, disease outbreaks, and other public health-related incidents, RAND developed a free Incident Management Measurement Toolkit. This toolkit helps teams assess their incident management effectiveness during and after public health incidents and realistic exercises. 

Aaron Clark-Ginsberg

Aaron Clark-Ginsbergis a behavioral/social scientist at RAND, a nonprofit, nonpartisan research institution. 



Translate »