A Comprehensive Guide to Crisis Management

Types of crises

Of course, natural disasters aren’t the only kind of crises. A crisis is simply an unanticipated event or issue that disrupts the day-to-day operations of an organisation.

Crises, by their nature, have the potential to create significant financial, safety, security, or reputational harm. And so, decision-makers who believe a crisis can’t happen to their organisation fail to understand the sheer variety of crises, which include the following:

1. Economic. Events or situations like strikes, market crashes, and labour shortages.
2. Informational. Loss of important information or organisational records, including public and/or confidential records, theft through phishing attacks, social engineering, or the leaking of sensitive data.
3. Physical. Compromised major equipment, loss of suppliers, or a major disruption at a key operating plant.
4. Human resources. The loss of a key executive or team member, vandalism, or workplace violence.
5. Reputational. Rumours and gossip that can significantly hurt the reputation of the organization.
6. Psychopathic. Unthinkable acts such as terrorism, kidnapping, or even tampering with products.
7. Natural disasters. Including tornadoes, earthquakes, fire and flash foods, disease outbreaks, etc.

To be considered fully prepared to manage the incident response, companies must have a crisis and emergency plan for each relevant scenario.

What is a crisis management plan?

So, what should companies be doing? Here, we enter the realm of crisis management planning.

Crisis management planning, one of the most important components of corporate crisis management, is the practice of proactively assessing and addressing vulnerabilities to avoid or minimise the impact of crises.

One way to think of crisis management planning, as opposed to checklist crisis management, is as the discrete set of processes that crisis management teams (in coordination with other, relevant business units) put in place before a crisis strikes to manage the effects of disruptive incidents.

The plans themselves should deal with a number of contingencies and scenarios, especially those most likely to occur in your line of work (e.g., a data breach at an online retailer).

As to what should be in your plan, the typical crisis management plan will incorporate emergency response, crisis communications, as well as the steps crisis management teams should take to trigger an official crisis.

In the words of crisis management expert, Jonathan Bernstein:

The content of the [crisis management] plan evolves from the information you gathered in steps 1 and 2, above [reverse-engineering your industry’s crises and conducting a vulnerability audit]. It contains sections on operational response, communications response, and how the respective teams responsible for those two components will coordinate with each other. And it fully integrates the use of all media for communication — traditional and social, high-tech and low-tech.

Purpose of a crisis management plan

If this all sounds intuitive, the question is, why do so few companies adequately plan for crisis? For one, it seems like the companies that experience crisis then become the ones most eager to avoid crisis in the future. Again, according to Deloitte, nearly 90 per cent of firms conducted reviews, mostly internal, following a crisis.

Those post-mortems tend to reveal that crises, while unforeseen, could have been avoided. In other words, businesses are less motivated by the fear of a potential crisis than they are by preventing a repeat of a crisis.

The benefit of crisis management planning is not just that your organisation will be better equipped to effectively respond to specific incidents but also that in planning, you identify other potential threats and are able to game out the tasks, communications, and information you’ll need to respond and recover. Furthermore, planning creates better outcomes, partly because it tamps down on some of the stress you’ll surely experience during an active crisis.

Securing better peace of mind is a crucial (oft-undervalued) benefit of crisis management planning; but there are many, many others. Like crisis management (more broadly), crisis management planning fundamentally helps firms increase the wellbeing of their employees and the safety of the public at large. For instance, businesses sitting on a stockpile of hazardous materials (inadvertently or not) would be foolish not to prepare contingency plans for accidental leaks or contaminations, which would put masses of employees and others in danger.

Crisis management checklist

How then to go about preparing your organisation for a crisis? Even with the best crisis leadership, not much gets accomplished without the right information, getting to the right people, at the right time. Unfortunately, this has been a perennial challenge to crisis preparedness.

What can you do, instead? In this case, knowledge really is power. And crisis leaders need to recognise that knowledge and information is a critical component of the crisis management checklist.

To this end, crisis leadership can demonstrate the criticality of information by making it accessible (where appropriate), understandable, and supportive of the organisation’s resilience objectives.

Here, crisis management systems come in handy in creating, retaining, and applying relevant information and supporting resilience-enhancing processes.

One of those processes is timely decision-making, where effective information management matters most. So too is information-sharing with relevant parties, including staff, customers, partners, regulators, the media, and other stakeholders.

Improving decision-making and information-sharing in the crisis response context, for instance, requires organisations investing in digital management systems that ensure better response and coordination. The capabilities that matter, here, include:

• Rapid plan and team activation. Leverage pre-configured crisis playbooks and checklists to allow quick activation and dispatch of your crisis response teams. Automate and track task allocation to ensure everyone knows what to do so you can restore normal operations ASAP.
• Easily communicate and share information. Built-in communication and collaboration tools like chat, email, SMS, and voice messages make it easy to work in real time with your team, to better coordinate your response and keep everyone informed.
• A central location for incidents. Monitor and generate crisis response tasks, as well as log and share updates, decisions, facts, and assumptions. Produce situation reports and save time briefing stakeholders on the latest.

Finally, crises like COVID have majorly upped the ante on crisis management, revealing major gaps in how organisations prepare.

Now, to absorb and adapt to the challenge, organisations will need to build and promote best-practice crisis management programs, resourcing them adequately, including with advanced critical event management software, to manage all stages of the crisis management lifecycle.

Sources

The Graduate School of Political Management at The George Washington University: What is Crisis Management and How to Recover from a Crisis. Available at https://gspm.online.gwu.edu/blog/what-is-crisis-management-and-how-to-recover-from-a-crisis/. 
Federal Emergency Management Agency: Make Your Business Resilient. Available at https://www.fema.gov/media-library/assets/documents/108451. 
Jonathan Bernstein, Bernstein Crisis Management: The 10 Steps of Crisis Prevention. Available at https://www.bernsteincrisismanagement.com/10-steps-crisis-prevention/. 
Peter Dent, Roda Woo, and Rick Cudworth, Deloitte Insight: Stronger, fitter, better: Crisis management for the resilient enterprise.