Skip to main content
ISO 22361 in Incident Management

ISO 22361 in Incident Management

$299.00
Who trusts this:
Trusted by professionals in 160+ countries
Your guarantee:
30-day money-back guarantee — no questions asked
How you learn:
Self-paced • Lifetime updates
Toolkit Included:
Includes a practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
When you get access:
Course access is prepared after purchase and delivered via email
Adding to cart… The item has been added

This curriculum spans the equivalent of a multi-workshop governance integration program, guiding participants through the detailed alignment of ISO 22361 with public sector incident management structures, cross-agency coordination mechanisms, and ongoing service improvement processes.

Module 1: Understanding the Role of ISO 22361 in Public Sector Incident Response

  • Determine whether ISO 22361 applies to a municipal emergency management agency based on service delivery scope and stakeholder expectations.
  • Map existing incident command structures (e.g., ICS/NIMS) to ISO 22361’s service leadership framework to identify gaps in accountability.
  • Decide whether to adopt ISO 22361 as a standalone governance model or integrate it with ISO 22301 for business continuity alignment.
  • Assess the readiness of public sector leadership to delegate service governance authority under ISO 22361’s leadership requirements.
  • Identify which external agencies (e.g., fire, health, transportation) must be included as service stakeholders in governance planning.
  • Document service delivery objectives that align with public safety mandates while meeting ISO 22361’s outcome-based approach.
  • Negotiate data-sharing agreements with partner agencies to support transparent performance monitoring under the standard.
  • Establish thresholds for when service disruptions trigger formal governance reviews per ISO 22361 Clause 9.3.

Module 2: Defining Service Leadership and Accountability Structures

  • Assign a designated Service Leader role with documented authority to make resource allocation decisions during incident response.
  • Develop a RACI matrix that clarifies decision rights between the Service Leader, incident commanders, and agency heads.
  • Implement a sign-off process for service performance reports to ensure leadership accountability under Clause 5.1.
  • Define escalation paths for unresolved service delivery conflicts between agencies during multi-jurisdictional incidents.
  • Create job descriptions that embed ISO 22361 governance responsibilities into senior emergency management roles.
  • Conduct quarterly leadership reviews of service performance data to fulfill ongoing commitment requirements.
  • Integrate service leadership responsibilities into emergency operations center (EOC) activation checklists.
  • Resolve conflicts between elected officials’ directives and ISO 22361’s requirement for evidence-based service decisions.

Module 3: Stakeholder Engagement and Expectation Management

  • Conduct structured interviews with hospital networks, utilities, and NGOs to document their service expectations during disasters.
  • Develop a stakeholder communication calendar that aligns with ISO 22361’s requirement for ongoing engagement.
  • Decide which stakeholder feedback mechanisms (e.g., surveys, advisory panels) will be used to inform service improvements.
  • Balance public transparency demands with operational security by defining what service performance data can be disclosed.
  • Establish a process for incorporating community feedback from after-action reports into service planning.
  • Negotiate service-level expectations with transportation agencies for evacuation support during declared emergencies.
  • Manage conflicting stakeholder demands—e.g., rapid response vs. resource conservation—during prolonged incidents.
  • Document stakeholder input in governance meetings to demonstrate compliance with Clause 4.2.

Module 4: Service Design and Capability Planning

  • Define service boundaries for emergency shelter operations, including triggers for activation and deactivation.
  • Map required capabilities (e.g., mass care, logistics, medical support) against ISO 22361’s service design requirements.
  • Determine whether mutual aid agreements fulfill capability gaps or require internal resource development.
  • Validate service design assumptions using historical incident data from past flood or wildfire responses.
  • Integrate interoperability requirements for communication systems across agencies into service design documentation.
  • Specify minimum staffing levels and skill sets required for each service component during Tier 2 incidents.
  • Assess the feasibility of maintaining surge capacity for services without overburdening regular operations.
  • Document service dependencies (e.g., fuel supply for generators) to support risk-informed design decisions.

Module 5: Establishing Service Performance Metrics and Monitoring

  • Select KPIs such as shelter occupancy rate, response time to critical infrastructure failure, and resource deployment latency.
  • Configure real-time dashboards in emergency management software to track service performance during incidents.
  • Define acceptable performance thresholds for each KPI based on historical benchmarks and stakeholder expectations.
  • Implement automated alerts when KPIs breach predefined thresholds during active incident response.
  • Decide how frequently performance data will be reviewed during incident phases (e.g., hourly in activation, daily in recovery).
  • Validate data accuracy from field reports by cross-referencing with EOC situation reports and GIS data.
  • Address discrepancies between perceived service performance (e.g., public complaints) and measured KPIs.
  • Archive performance data post-incident for use in governance reviews and capability improvement planning.

Module 6: Governance of Incident Response Execution

  • Activate the governance framework within two hours of EOC activation per predefined incident classification criteria.
  • Conduct daily governance briefings with agency leads to review service performance and adjust priorities.
  • Document decisions to deviate from standard operating procedures due to resource constraints or evolving conditions.
  • Authorize reallocation of personnel from non-critical services to high-demand areas based on performance data.
  • Enforce compliance with communication protocols to ensure consistent messaging across responding agencies.
  • Intervene when a service component (e.g., debris removal) consistently fails to meet performance targets.
  • Balance immediate operational needs with long-term service sustainability during prolonged incidents.
  • Ensure all governance decisions during response are logged for audit and post-incident review.

Module 7: Post-Incident Review and Service Improvement

  • Initiate a formal governance-led review within 72 hours of incident stabilization.
  • Compile performance data, field reports, and stakeholder feedback into a consolidated review package.
  • Facilitate cross-agency workshops to identify root causes of service delivery failures.
  • Determine which service components require redesign based on after-action findings.
  • Prioritize improvement initiatives using a risk-based scoring model (e.g., impact vs. feasibility).
  • Update service design documents and SOPs to reflect approved changes from the review process.
  • Assign ownership and deadlines for implementing corrective actions from the review.
  • Track completion of improvement actions in the organization’s risk and compliance management system.

Module 8: Integrating ISO 22361 with Other Management Systems

  • Align ISO 22361 service objectives with ISO 22301 business continuity strategies for critical infrastructure.
  • Map ISO 22361 governance roles to ISO 9001 quality management responsibilities in emergency services.
  • Consolidate internal audit schedules to cover ISO 22361, ISO 27001, and ISO 14001 requirements efficiently.
  • Integrate risk assessments from ISO 31000 into service design and performance monitoring processes.
  • Use common documentation templates across standards to reduce duplication in policy development.
  • Coordinate management review meetings to address performance across all integrated systems.
  • Resolve conflicting requirements—e.g., data retention under ISO 27001 vs. public records laws—during incident response.
  • Train auditors to evaluate compliance with ISO 22361 within broader integrated management system audits.

Module 9: Sustaining Governance Through Organizational Change

  • Update governance roles and responsibilities following agency reorganizations or leadership transitions.
  • Conduct refresher training for new EOC staff on ISO 22361 governance procedures annually.
  • Revise service design documentation when new technologies (e.g., drones, AI dispatch) are deployed.
  • Assess the impact of budget reductions on maintaining minimum service capabilities.
  • Incorporate governance requirements into procurement contracts for third-party emergency services.
  • Maintain governance continuity during transitions between elected officials with differing policy priorities.
  • Use tabletop exercises to test governance decision-making under simulated organizational stress.
  • Archive historical governance records to support institutional memory and regulatory audits.
!