NFPA 1600 2019 Edition: A Resource for Every Practitioner’s and Auditor’s Toolbox

By Donald L. Schmidt|2022-05-20T18:05:14+00:00May 31st, 2019|0 Comments

The 2019 edition of the American National Standard, “NFPA 1600 Standard on Continuity, Emergency, and Crisis Management” has been published by the USA-based National Fire Protection Association. This standard, which is the most mature standard of its kind in the world, has been translated into numerous languages and adopted by numerous countries and companies in North America, South America, Asia, and the Middle East. Originally published in 1995, the 2019 edition is the 7th edition.

This important tool should be in every practitioner’s toolbox. It’s an overarching standard that defines the inter-connected elements of a preparedness program including program management, risk assessment, business impact analysis, loss prevention/hazard mitigation, emergency management, business continuity, crisis management, and crisis communications. It provides guidance for program development along with many, informative annexes. It has been designated as the criteria for program certification under PS-Prep™. NFPA 1600 is also free to download.

The technical committee that writes NFPA 1600 is comprised of subject-matter experts from the public and private sectors and representing most major industries. The standard has benefited from a revision process that has processed more than a thousand comments and proposals from end users.

The first edition of NFPA 1600, adopted in 1995, was titled “Recommended Practice for Disaster Management” using “nonmandatory” language (“should” statements, not “shall”). The 2000 edition incorporated a “total program approach” that has evolved and been expanded with each successive edition. Following the terrorist attacks of September 11, 2001, the 9/11 Commission endorsed NFPA 1600 as a voluntary National Preparedness Standard. The recommendation has been incorporated into federals laws 108-458 and 110-53, which call for voluntary certification of private sector preparedness programs. Extracts of NFPA 1600 have been referenced within Chapter 10 of NFPA 1, “Fire Code,” a standard that has been codified into fire prevention regulations across about half of the United States. 

Following a reorganization begun in the 2010 edition, NFPA 1600 aligns with the “plan, do, check, act” program development process that users of ISO standards have been accustomed. Users who want to utilize a management system standard can adopt Annex E in place of the numbered chapters.

What’s New in the 2019 Edition

With the increased emphasis on “crisis” management over the past three editions, the title now includes crisis management, and a new section “crisis management” has been added to chapter 6, “Implementation.” This section defines a “crisis management capability,” with senior leadership involvement, signals detection, identification of issues, strategy development, and more.

Another notable change is the addition of a new chapter 7, “Execution.” It defines what should be obvious but is often overlooked. Incident recognition, reporting and notification, activation and planning, incident management, documentation, and resource management are included in this new chapter. The chapter extracts the important elements of alerting, notification, and warning with activation of an incident management system.

The annexes, which are a treasure trove of valuable information, continue to expand. Annex J, “Social Media in Emergency Management” has been added. When an incident occurs, social media is alive before emergency, continuity, and crisis management responders are fully engaged. Therefore, integrating social media into all program activities—from preparedness for a forecast event to communicating with stakeholders regarding continuity and recovery information after—is a must.

Other new annexes include Annex K Emergency Communications: Public Alerts and Warnings in Disaster Response and Annex L Emergency Management, Continuity, and Crisis Management Data Interoperability.

Program Elements

Chapters 4-10 define a program designed to achieve the entity’s objectives and comply with applicable laws and authorities. Each element is written with concise language that is not overly prescriptive by design. The committee has balanced the need for greater specificity with the need for maximum flexibility by entities implementing a program using NFPA 1600.

Program management addresses leadership and commitment, the role and responsibilities of the program coordinator and program committee, program objectives, administration, laws and authorities, finance and administration and records management. The importance of program objectives should not be overlooked as it becomes part of the criteria used to evaluate the adequacy of the program.

Planning defines a process to “develop strategies, plans and required capabilities.” Risk assessment, business impact analysis, crisis management planning (new), and resource needs assessment are defined.

Implementation identifies the plans to be developed. Besides prevention, mitigation, crisis management, crisis communications, emergency operations, and continuity and recovery, incident management is included along with common program requirements. The common requirements are a simple, but effective checklist that should be in the toolbox of anyone writing or evaluating a plan document.

Program execution is the new chapter 7. 

The chapter on training and education requires development a curriculum that defines the “who, what, and when.” The stated goals are to create awareness and enhance the abilities of those who execute the program. Provision of incident management training is required.

Evaluation of plans, procedures, training, and capabilities is the goal of Chapter 9, exercises and tests. Exercises practice procedures; allow for interaction; and assess program maturity. Testing, defined as pass or fail, demonstrate capabilities. 

Program maintenance and improvement is the final chapter of NFPA 1600 and requires periodic program review or when a “trigger” such as a change in regulation, hazard, or funding occurs. A corrective action process is required to address identified deficiencies. Continuous improvement is defined as the goal of reviews and the corrective action taken to address identified deficiencies.

Using NFPA 1600

NFPA 1600 is organized into chapters and annexes. The chapters provide the “requirements” and the annexes provide explanations, references, and resources. Scope, purpose, and application are defined in Chapter 1 and definitions for words and phrases used in NFPA 1600 are compiled in Chapter 3. Chapters 4-10 are the program elements with cross-references (hyperlinks are included in the digital editions) to interdependent elements. For example, continuity strategies are dependent on output from the business impact analysis.

When you see an asterisk (*) at the beginning of a section, that’s an indication that there is explanatory text for that section in the nonmandatory Annex A. The expanding list of annexes include a self-assessment checklist; small business preparedness guide; crosswalk between NFPA 1600 and CSA’s Z1600, DRI’s Professional Practices, and Federal Continuity Directives; and guidance on maturity models; personal and/or family preparedness; individuals with access and functional needs; social media in emergency management; emergency communications, alerts and warnings; data interoperability; and informational references.

How to Obtain NFPA 1600

NFPA 1600 can be downloaded for free from the NFPA website (

Recommend0 recommendationsPublished in Enterprise Resilience

Share This Story, Choose Your Platform!

About the Author: Donald L. Schmidt

Donald L. Schmidt, ARM, CBCP, MCP, CBCLA, CEM® is the CEO of Preparedness, LLC a Massachusetts-based consulting firm that specializes in risk assessment, prevention/mitigation, emergency management, business continuity, and crisis management. He is the past chair of the NFPA 1600 Technical Committee overseeing the 2010, 2013, and 2016 editions. [email protected]

Download a copy of Preparedness, LLC’s Emergency Management, Business Continuity & Crisis Management Self-Assessment Checklist based on NFPA 1600, 2019 edition.

Leave A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.