What we’ve long known about crisis management is that planning isn’t enough. Turns out, we’re quickly learning that pro forma crisis management testing isn’t, either.
Crisis management teams need to bring as much thought to their crisis management testing programs as they do to the crisis management plans they are rehearsing.
Crisis management testing breeds familiarity with resilience practices
Indeed, crisis management testing builds comfort with business resilience practices in a controlled, risk managed environment – when real crises come, the time for practice is over.
Not all tests and exercises are created equal, though.
Teams that think they can run annual tests to check the box should think again. For one, they are neglecting a key best-practice step that comes right before testing plans.
Run gap analyses to get the most out of crisis management testing
Organisations will need to conduct a needs and gap analysis. The purpose of this analysis is to establish the need for exercises and testing in the first place.
Beyond solidifying the importance of testing (especially among senior leadership), pre-testing analysis effectively signals the role of exercises and testing in managing business risks. The practical import in this is it helps stakeholders (including senior leaders) understand that conducting exercises and testing is needed to manage risks.
The question outstanding, however, is what queries might organisations ask to get started with this planning stage of the testing process? According to crisis management testing and exercises standard ISO 22398, best-practice questions include the following:
- Does your exercises and testing plan address your specific business requirements?
- Can your exercises and testing plan promote consensus among relevant stakeholders?
- Does your exercises and testing plan offer an opportunity to reach out to and interact with target group(s) and potentially address their interests?
- Does your exercises and testing plan provide an opportunity to address multiple issues in depth?
- Does your exercises and testing plan focus on key issues?
- Does your exercises and testing plan provide information tailored to target group(s)?
- Is your exercises and testing plan practical and relatively easy to implement?
- Does your exercises and testing plan provide for information transfer at relatively low cost?
- Is your exercises and testing plan easy to update?
- Is the effectiveness of your exercises and testing plan measurable?
- Is your exercises and testing plan a good vehicle for education?
- Is your exercises and testing plan creating a constructive and supportive atmosphere?
- Is your exercises and testing plan an effective way to get publicity or increase public awareness?
- Does your exercises and testing plan conform to the organisation's constraints?
Might seem like a lot to ask before even getting going. But the purpose of the needs and gap analysis is to customise your testing program so that it’s best suited to managing concrete business risks.
Another business resilience key is having the appropriate crisis management software platform in which to run your best-practice testing program. How to know what capabilities to look for? Read our Buyer's Guide to Purchasing Crisis Management Software:
.svg)
.svg)
.svg)