Your clients might be familiar with security and resilience-promoting best practices, such as organizational resilience (ISO 22316), crisis testing and exercises (ISO 22398), business continuity management systems (ISO 22301), and emergency management systems (ISO 22320). But did they know the ISO has just released new international, best-practice crisis management guidance?
First, international crisis management best-practice guidance
Indeed, the ISO released its first, comprehensive standard for crisis management, ISO 22361: 2022.
Why?
Well, the critical event climate – not just COVID and its overhang, but related supply chain, labor, and wellbeing crises, as well as geopolitical conflict and the sharp uptick in high-profile data breaches – demands special focus. And the standard, with its clear roots in British standard, BS 12000, provides just that.
The standard outlines the precise principles and practices needed by all organizations to achieve resilience. It also urges all compliant organizations to adopt a structured approach to crisis management, applying a set of principles on which a crisis management framework can be developed.
Attributes of crisis readiness
For basic crisis readiness, the standard demands the clarification of crisis roles and responsibilities, as well as the overseeing and direction of coherent actions and transparent communications during a crisis.
From there, clients will have to determine ways to mobilize crisis management resources and activate associated processes.
But that’s not all.
Flexibility and creativity are also attributes of crisis readiness. Client decision makers, for their part, must be prepared to step outside normal rules and justify the action.
Beyond resources, what’s also required to achieve crisis readiness is clarity of thought, strategic vision, decision, and the ability to act in ways that reflect the core values of the organization.
These attributes of crisis readiness can assist clients in anticipating, responding, and recovering from crises in a manner that protects its assets and objectives.
The proposed crisis management framework
How to help? Clients must establish the appropriate crisis management framework and processes for their risk profile.
That framework will contain discrete parts including:
- Crisis leadership
- Structure
- Culture
- Competence
These are likely familiar concepts for your clients. But in this age of increased crisis threats, you will need to define these concepts for the purposes of helping clients to develop or enhance their crisis management capability.
Crisis management leadership, for instance, doesn’t just mean stewardship of the crisis response and recovery. It also entails engagement in the development, maintenance, and improvement of the crisis capability.
What’s more, achieving this requires client management to ensure the following:
- Crisis management objectives are compatible with the strategic direction and core values of the organization
- Crisis management is customized to the organization’s context
- Demonstrated commitment to the crisis management capability
- Direction and support for crisis management to achieve its intended outcome
- Communication of the importance and benefits of crisis management
- Integration of crisis management into the organization’s processes
- Availability of resources for crisis management
- Promotion of continual improvement of crisis management
But that’s not all that clients need to know about the crisis management standard? For the full list of key highlights, download our Authoritative Guide to Crisis Management Standard ISO 22361.
.svg)
.svg)
.svg)