The Noggin Blog

Nowadays, firms can expect some form of value-destroying corporate crisis at least twice a decade. And even those numbers might be too optimistic. In fact, a 2018 Forrester survey found that a full 100 percent of companies experienced a critical event in the last two years. Many dealt with multiple.

Ensuring compliance with regulatory requirements is critical to your business. But crisis and business continuity planning – often mandated by law – shouldn’t be a box-ticking exercise. Unfortunately, too many firms fall into the trap. What risks do those companies face treating crisis preparedness as a compliance-first practice?

Eighty-four percent of organisations have a crisis management plan in place according to Deloitte’s global crisis survey, “Stronger, fitter, better.” Unfortunately, they don’t test those plans regularly.

When crises strike, leaders convene crisis teams comprised of internal experts. You know, senior managers with the requisite professional and technical expertise to deal with the critical event at hand.

Since the early 1990s, colleges and universities in the U.S. receiving federal funding have been mandated by law to disclose information about crime on and near their campuses. In fact, it’s the pre-condition to participating in programs associated with Title IV of the Higher Education Act, which covers federal grants, loans, and work-study programs. 

Take a look at the figures. Eighteen percent of all violent crimes occur in the workplace. Victim deaths are especially high in retail.

Everywhere you turn, disruptive critical events are in the news – so too, the companies they affect. Just look at the Forrester report, Take A Unified Approach To Critical Event Management: the study finds that 100 percent – yes, you read that right – of companies surveyed had experienced a critical event in the last two years. That’s not even the full extent of it. Many of those companies actually dealt with multiple incidents during that time frame: the average was four, discrete critical events in a two-year period.

By now, most know at least the outlines of the story. In October 2018, Lion Air Flight 670 crashed into the Java Sea on a domestic route from Jakarta to Pangkal Pinang in Indonesia. All 189 passengers and crew on board were killed. Weeks later, engine failure forced a Norwegian Air Shuttle flight to make an emergency landing in Iran. And more recently, on March 10, 2019, Ethiopian Airlines Flight 302 crashed just minutes after takeoff from Addis Ababa, Ethiopia on its way to Nairobi, Kenya. As in the case of the Lion Air crash, all 150-plus passengers and crew on board perished. The common factor between the seemingly isolated incidents? The aircraft in all three flights belonged to a relatively new line of planes: the Boeing 737 Max 8.

Over the last few years, companies have taken major steps to get their crisis preparedness house(s) in order. For instance, the 2016 Institute of Crisis Management (ICM) Annual Crisis Report found that only half of all global organizations had crisis management plans in place. Fast forward to this year, when Deloitte released the findings of its global survey of 500 crisis management executives. That study, “Stronger, fitter, better: Crisis management for the resilient enterprise,” showed that no less than 84 percent of companies had crisis management plans in place. Not the same sample set, to be sure, but still a major jump in crisis management preparedness. But though companies seem to have cottoned on completely to the crisis threat, they’re not out of the woods quite yet. That’s because the reality of crisis is completely different than the ersatz version you’ll find in crisis plans and simulations.

When compliance aims drive your crisis planning, they do so to your detriment. I know, sounds a little counter-intuitive, especially when regulators mandate that businesses prepare emergency plans for the workplace.