Comment Submitted by Persistence Analytics Group LLC
AnonymousSupportBusiness
Summary: Persistence Analytics Group LLC, a national security and infrastructure risk analytics firm, supports the proposed information collection for IPAWS MOA applications. They argue that the application process should be treated as mission-critical infrastructure and recommend that FEMA evaluate the collection through a rigorous implementation-verification framework to ensure security and reliability.
To the Federal Emergency Management Agency —
Re: Docket ID FEMA-2026-0100 — Integrated Public Alert and Warning Systems Memorandum of Agreement Applications
Persistence Analytics Group LLC respectfully submits this comment regarding FEMA’s proposed extension of the Integrated Public Alert and Warning Systems Memorandum of Agreement Applications information collection.
PAG is a national security and infrastructure risk analytics firm focused on implementation-assumption verification, decision assurance, critical-infrastructure risk, identity-system integrity, public-warning reliability, and mission assurance.
This collection should not be viewed only as a Paperwork Reduction Act burden issue.
It is part of the nation’s public-warning infrastructure.
IPAWS is relied upon to deliver emergency alerts in situations involving war, terrorist attack, natural disaster, and other hazards to public safety. The MOA application process determines which federal, state, tribal, territorial, and local alerting authorities and software systems can connect to IPAWS-OPEN and issue public alerts.
The core question is:
What must be verified before FEMA grants secure access to a system that can send life-safety alerts to the public?
PAG respectfully recommends that FEMA evaluate the collection through an implementation-verification framework addressing:
1. Alerting Authority Verification
What evidence confirms that the applicant is a legitimate federal, state, tribal, territorial, or local alerting authority with lawful jurisdiction and operational responsibility?
2. Software and System Authentication
What controls verify that the software connecting to IPAWS-OPEN is authorized, secure, tested, and not vulnerable to misuse, compromise, or spoofing?
3. Digital Certificate Governance
What standards govern issuance, renewal, suspension, revocation, and audit of digital certificates used to authenticate alerting authorities and software?
4. Permission and Event-Code Controls
What evidence supports the event types, alert permissions, dissemination channels, and geographic jurisdictions granted to each alerting authority?
5. Cybersecurity and Access-Control Risk
What assumptions must hold regarding credential protection, account access, vendor security, endpoint security, incident response, and continuity of operations?
6. False Alert and Failure Consequence
What controls prevent false, unauthorized, delayed, misdirected, duplicative, or failed alerts, and who bears responsibility if the public receives incorrect or late warning?
7. Intergovernmental Coordination
How does FEMA verify alignment among federal, state, tribal, territorial, and local policies so that alerting authority does not create conflicting or overlapping public-warning responsibilities?
8. Public Trust and Mission Assurance
What evidence demonstrates that the application process improves alerting reliability, security, and public confidence without creating unnecessary burden or excluding qualified jurisdictions?
PAG is not opposing the IPAWS MOA application process.
The issue is that IPAWS access is national public-safety infrastructure. When a system can warn the public about imminent threats, the verification layer must be treated as mission-critical.
A public-warning system is only as strong as the authority, software, credential, and governance controls underneath it.
Trust the alert. Verify the system.
Respectfully submitted,
Neil P. Osnato
Founder
Persistence Analytics Group LLC | United Grid
National Security & Infrastructure Risk Analytics
Demand Durability | Grid Stress | Load Integrity
neil@persistenceanalyticsgroup.com
609-464-9055
https://persistenceanalyticsgroup.com/
SAM.gov Registered Vendor
UEI: D3VYU39H6DX9 | CAGE: 19T34
D-U-N-S: 142849930