Critical events have become increasingly disruptive facts of corporate life. A recent Forrester report documented that all companies experienced a critical event in the last two years. In fact, many dealt with multiple incidents, the average being more than four discrete critical events in a two-year period.
The critical events themselves can run the gambit: severe weather, intellectual/physical property theft, IT failure, cyber attacks, even slower boil critical issues that when left unattended spiral into major incidents. The costs of inaction or poor preparation, though, remain steep, lost productivity, eroded corporate reputation, supply chain instability, and lower revenue. So what, then, are the most effective means of counteracting the critical event threat? All indicators point towards an integrated method of rapid enterprise incident response. And that’s the provenance of critical event management.
Defining Critical Event Management (CEM)
As a concept and practice, the nascent field of critical event management bears some definition, especially since critical event is simply a catchall term for a disruptive incident of extreme consequence. Critical event management practitioners will say that their field offers thought-through measures to ensure effective critical issues and crisis preparation, response, and recovery, and thus borrows generously from techniques in incident management and response, crisis management, business continuity planning, and emergency management.
The unique intervention of critical event management, however, is that it’s conceived foremost as an integrated, or cross-functional, all-hazards practice. That means a large part of the work of critical event management practitioners is aligning a wide range of resources from across the entire business to respond to disruptive incidents; this work includes regrouping stakeholders from multiple, relevant business lines, improving inter-departmental (or multi-stakeholder) coordination and communication flows, integrating necessary processes, and post-hoc reporting and analysis.
How to know if this integrated, critical event management approach makes sense for your business? Well, it’s pretty simple. Critical incidents might sprout up in one line of the business, but they rarely stay put. The damage spreads; and it spreads quickly.
The role of technology in responding to critical events
Indeed, individual departments do invest heavily in advanced technologies as well as undertake extensive planning cycles to anticipate and respond to likely critical threats (within their business unit). However, those efforts remain largely siloed, when, in fact, a pre-planned, integrated response would prove a far more effective means for the enterprise as a whole to deal with a critical event.
What’s more, incident management siloing, whether in a business line or IT, isn’t just a less good alternative, it can actually be counterproductive. Siloing not only hinders the eventual response – when teams who lack a common operating framework are forced to work together – but also compromises the effectiveness of critical event preparedness efforts, which rely on developing a full threat picture across the business. They’re other downstream consequences of not integrating critical event management, too, such as procurement redundancies for management tools, as well as the likelihood that without a common approach, existing tools will be implemented unevenly in pockets of the organization.
On the other hand, integrated, critical event management has enormous upside. Advanced critical event management platforms enable effective, interdepartmental communication, give teams a dynamic, consolidated view of threats, automated functionality to assess and respond to those threats, as well as information capture capabilities for critical event reporting. Other business benefits include greater operational efficiency (from fewer system and process redundancies), reduced costs, and better situational awareness and response visibility (for business leaders). And, of course, the ultimate goal of integrated, critical event management: to improve your organization’s ability to keep its employees and customers safe.
Critical Event Management (CEM) platform features to consider
Finally, since the field is relatively new, you might not know where to turn. So if you’re in the market for a critical event management platform, here are some key software platform features to consider:
- Critical issue and crisis management. Record and share information about any issue or crisis, with dashboards summarizing the situation, impact, response, actions, media, and talking points.
- Integrated, secure chat. Secure chat functionality allows teams to collaborate quickly on every issue or crisis.
- Update logs. Post updates on every issue or crisis, to keep teams informed throughout the critical event lifecycle.
- Action tracking. Quickly and easily add issue actions as a simple checklist or assign each action and add more details.
- Impact and trend Indicators. Impact and trend indicators to monitor current and potential impacts and see at-a-glance if situations are improving or worsening.
- Track duration and resolution times. Duration and resolution timers to clearly monitor how long each issue has run for and when it will be resolved.
- Crisis and BCP contacts. Manage crisis teams, business continuity stakeholders, and other contacts all in one place.
- Crisis management plans. Quickly select from a series of pre-configured crisis management planning templates, or upload and enact your own customized plans.
- Template library. Select from a library of pre-configured, customizable crisis response planning templates and quickly enact them when needed.
- Crisis team stand up. Set up and activate any team via push notifications. Easily view who’s responded to a team activation and who’s currently acting in every role.
- Reputation monitoring. Monitor the conversation about your brand and the reputational impact of a critical issue or crisis. Track the volume of, sentiment behind, and engagement with your social media posts alongside your crisis timeline, actions, and updates
- Security Certified. Hosting in ISO27001 and SOC2 compliant data centers. All data is encrypted in transit using TLS v1.2 with data sovereignty provided within the US, Australia, and Europe.
Tech Republic, How to Speed up Cyberattack Recovery with Critical Event Management
Forrester: Take a Unified Approach To Critical Event Management
EMA Research: From Incident Management to Critical Event Management
For more crisis management content, follow @teamnoggin on Twitter