The Noggin Platform
The world’s leading platform for integrated safety & security management.
Find Your Solution
-
Crisis Management
-
Emergency Management
Apply best practices to plan for, respond to, and manage critical events and exercises. Built on ISO standards, you can respond faster with better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, to ensure better incident response, decision-making, and continuous improvement.
Featured Modules
- Incident Response Plans & Checklists
- Critical Infrastructure Protection
- Welfare Checks
- Continuous Improvement
All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.
Featured Modules
- Security Threat Assessment
- Incident Management
- Planned Events
- Lone Worker Management
-
Safety Management
-
Employee Health & Wellbeing
-
Governance, Risk & Compliance (GRC)
-
Asset Management
-
Contractor Management
-
Visitor Management
-
Emergency Management
All the tools needed to automate your safety management system in one easy-to-use platform, following ISO standards. Increase efficiency with powerful automation capabilities and provide real time insights to all levels of your business. Configurable notifications, workflows, analytics, and mapping empower your safety personnel to make better decisions wherever they are.
Featured Modules
- Incident Management
- Injury Management
- Online Inductions
- Reporting & Analytics
Maintain a comprehensive view of the wellbeing of your workers, their needs, and the wellbeing initiatives conducted in your organization. Through various assessments, checks, analytics, and resources you can easily manage both the physical and mental wellbeing of personnel across various locations and programs.
Featured Modules
- Wellbeing Reporting
- Ergonomic Assessment
- Vaccination Management
A suite of tools to collect risk data from across your organziation from a range of stakeholders, in real time, and based on ISO standards. Fully customisable, with everything from a simple pre-task assessment though to an organisational risk register, we make it easy to capture risk data and provide the analytics to derive rich insights, to keep your organisation safe and compliant.
Featured Modules
- Audits
- Inspections
- Take 5
- Standards Compliance
Track all your assets from your vehicle fleet, fixed or mobile plant and equipment though to your critical infrastructure using our range of tools. Plan maintenance ahead of time and by collecting lead indicator data from checklists and assessments on any mobile device, then enable users to update the status of your assets to track utilisation, share documentation and report issues.
Featured Modules
- Asset assessments & checklists
- Workorder Management
- Planned Maintenance
- Asset Status Tracking
Save time and money by enabling contractors to self-register and progress through a customizable workflow, to check documentation before becoming an approved contractor. Contractors can then be automatically followed up using workflows and notifications to keep their organziation compliant.
Featured Modules
- Contractor Entities
- Contractor Workers
- Contractor Plant
Streamline visitor sign-in using a QR code on a form tailored for your organisation. Visitors can complete inductions, answer questions and acknowledge content then have notifications triggered to their host based on their responses. Once on site, manage visitor cards, broadcast notifications and understand visitor trends to optimise your processes.
Featured Modules
- Visitor Registration (QR Code)
- COVID Management
- Emergency Notifications
- Host Notifications
All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.
Featured Modules
- Featured Modules:
Situational Awareness & Reporting - Incident & Special Event Pre-Planning
- Damage Assessments
- Exercise Management
-
Physical Security
-
Cyber Security
-
Visitor Management
-
Critical Infrastructure Protection
-
Emergency Management
-
Governance, Risk & Compliance
-
Asset Management
-
Contractor Management
Proactively manage all aspects of physical security operations from anywhere, on any device. Based on ISO standards, streamline your operations using workflow automations to guide information capture, enrichment, follow up tasks, and notifications. Validate threats and risks to drive better investment of your resources.
Featured Modules
- Cyber Threats & Treatments
- Standards Compliance
- Audits & Inspections
- Compliance Obligations & Breaches
Manage cyber threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions, and drive continual improvement review cycles.
Featured Modules
- Cyber Threats & Treatments
- Standards Compliance
- Audits & Inspections
- Compliance Obligations & Breaches
Streamline visitor sign-in using a QR code on a form tailored for your organisation. Visitors can complete inductions, answer questions and acknowledge content then have notifications triggered to their host based on their responses. Once on site, manage visitor cards, broadcast notifications and understand visitor trends to optimise your processes.
Featured Modules
- Visitor Registration (QR Code)
- COVID Management
- Emergency Notifications
- Host Notifications
Consolidate the threat and risk picture across all your assets, easily demonstrate compliance with security obligations, and gain an ‘all threats’ perspective encompassing physical, cyber, personnel and supply chain. Address and manage cyber threats without having to implement costly new ICT systems and drive continuous improvement and review cycles.
Featured Modules
- Risk & Threat Assessments
- Security Inspections
- Crowded Place & Impact Assessments
All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.
Featured Modules
- Situational Awareness & Reporting
- Incident & Special Event Pre-Planning
- Damage Assessments
- Exercise Management
Manage cyber, emergency and security threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions and drive continual improvement review cycles.
Featured Modules
- Cyber Threats & Assessments
- Standards Compliance
- Audits & Inspections
- Compliance Obligations & Breaches
Track all your assets from your vehicle fleet, fixed or mobile plant and equipment though to your critical infrastructure using our range of tools. Plan maintenance ahead of time and by collecting lead indicator data from checklists and assessments on any mobile device, then enable users to update the status of your assets to track utilization, share documentation and report issues.
Featured Modules
- Asset assessments & checklists
- Workorder Management
- Planned Maintenance
- Asset Status Tracking
Save time and money by enabling contractors to self-register and progress through a customizable workflow, to check documentation before becoming an approved contractor. Contractors can then be automatically followed up using workflows and notifications to keep their organziation compliant.
Featured Modules
- Contractor Registration
- Permit to Work
- Work Orders
- Contractor Self-Administration
-
Business Continuity Planning
-
Crisis Management
-
Governance, Risk & Compliance (GRC)
-
Continuity of Operations (COOP)
Follow ISO standard approaches to determine disruption impacts and develop plans & recovery strategies to address risks. Track gaps, dependencies and tests, capture exercises, and manage insurance details. Scale up to any incident and back down to business as usual as quickly as possible and drive continuous improvement.
Featured Modules
- Business Impact Assessments
- Incident & Exercise Management
- Recovery Strategy Tracking
- Continuity of Operations (COOP)
Apply best practices to plan for, respond to, and manage critical events and exercises. Built on ISO standards, you can respond faster with better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, to ensure better incident response, decision-making, and continuous improvement.
Featured Modules
- Incident Response Plans & Checklists
- Critical Infrastructure Protection
- Welfare Checks
- Continuous Improvement
Manage cyber, emergency and security threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions and drive continual improvement review cycles.
Featured Modules
- Cyber Threats & Treatments
- Standards Compliance
- Audits & Inspections
- Compliance Obligations & Breaches
Ensure preparedness across your organisation. Conduct business impact assessments and quickly identify essential functions. Assess hazard and threat risks. Identify technology, assets, facilities, and critical personnel. Gather and assemble essential information and documents. Develop, test and maintain your COOP plans. From readiness and preparedness to reconstitution, manage all four phases of the Continuity of Operations Plan to minimize business loss and disruption.
Featured Modules
- Business Impact Assessments
- Threat & Hazard Identification
- Continuity of Operations Plans Management
- Testing, Training & Exercises
Guide
10 Steps to an Effective Crisis Management Plan
Article
The Stages of Crisis: Understanding the Crisis Management Lifecycle
- Work Safety Resources
- Emergency Management Resources
- Crisis Management Resources
- Business Continuity Resources
- Security Management Resources
eBook
Understanding ISO 22361 for Crisis Management
eBook
Best Practice Strategies to Maintain Resilience
NEWS
Technology expert's tips for safety management platforms
NEWS
A Comprehensive Guide to Understanding ISO45001
Who We Are
The world’s leading platform for integrated safety & security management.
- Follow us
-
-
-
.svg)
.svg)
.svg)
What is a crisis management plan?
Crises are a fact of life, whether novel viruses, natural disasters, cyberattacks, or any other form of critical event. What then can agencies and organisations do to prepare?
High on the list of crisis preparatory activities is the crisis management plan – a catalogue of roles, responsibilities, and tasks personnel will perform before, during, and after a crisis.
The crisis management plan itself lays out how exactly to respond to a critical event that could negatively affect an organisation’s profitability, reputation, and/or ability to operate. Its purpose is to avoid or minimise damage, as well as provide direction on critical matters, such as personnel, resources, and communications – so they can be actioned effectively during the crisis.
Why you need a crisis management plan?
Not all executives will readily agree to the depletion of present resources for future contingencies. Crisis management practitioners, as such, must be able to answer why exactly the incident and crisis management plan is necessary.
The answer is simple. Planning saves. In the emergency management context, FEMA found that every dollar spent on natural disaster mitigation saved six dollars on recovery.
The data isn’t as conclusive for corporate crisis, but crisis management planning gives staff and stakeholders peace of mind, uncovers risk, accelerates response and recovery, and might ensure compliance.
Not all crisis planning is sufficient, though. Given its importance, it’s imperative to get crisis management planning right.
How to go about it? The following five steps to creating a crisis management plan should help.
Conduct a vulnerability audit to assess your current crisis preparedness.
The first step is conducting the vulnerability audit. A multi-disciplinary risk assessment, the vulnerability audit helps organisations identify areas of weakness, i.e., threats arising from normal operations, external events, or just those most common to the industry.
Organisations use this risk assessment to develop a list of potential crises, which they then rank order in likelihood of occurring as well as associated costs of responding.
Allocate a team to your crisis management plan.
Of course, crisis management planning and the crisis preparedness plan itself are only as good as the personnel tapped to execute them. That is the role of the crisis management team, a cohort of people centrally involved in the creation (then implementation) of the crisis management plan and thereby crucial to any positive outcome.
What are the relevant roles in creating a crisis management plan? It all starts with the Crisis Management Chair, heading up crisis management leadership.
Amongst the duties ascribed to the Chair, who heads up all crisis preparedness, is planning for decision making in crisis, i.e., “the process that leads to the selection of a course of action for more than one alternative option.”
Why does crisis decision making matter? When a crisis strikes, it tends to move quickly. Which means quick decisions will be required, in a high-stakes environment (possibly the highest), where information is limited, stress is acute, and scrutiny is intense. Decisions are rarely made in those conditions; and so, they should be practiced ahead of time.
As for the remainder of the core team, appoint senior managers from the company’s most important business units, such as Finance, HR, Operations, IT, Communications; specialist roles include Log Keeper, Support, etc. (See below).
Best-practice composition of your crisis preparedness and management team
Know when to initiate the crisis management plan.
The crisis management team helps to craft the plan, which should be reviewed and approved by the company Board as well as other senior management.
But that response plan is only as good as the activation guidelines it includes. To this end, the crisis management team needs to document all the criteria and indicators they will use to determine whether a crisis has occurred.
In addition to setting activation guidelines, crisis management teams should consider other relevant logistics, such as the chain of command structure for specific scenarios and where to set up your crisis command centre or off-site gathering points in the case of evacuations. In the case of the former, multiple locations might be necessary, including somewhere at headquarters and an off-site setting if headquarters are seriously compromised by the crisis.
Include playbooks and scenarios in your crisis preparedness plan.
Preparing for a crisis means playing the odds. Organisations shouldn’t plan for the worst-case scenario; they should plan for the likeliest events.
To do so, teams should develop individual playbooks (or action plans) for the specific crisis scenarios identified in the (earlier) risk assessment. Like the larger plan, these playbooks should be flexible, responsive modules.
To be actionable, though, these playbooks, as well as the master plan and other documents and policies, must be easy to deploy and refer to during a crisis. Mobile-friendly crisis management software will help.
Developing a crisis management plan exercise.
In this risk environment, though, it’s not enough to have an actionable plan if you just set it and forget it. Instead, organisations must make use of the controlled, risk-managed environment of exercises and testing. This environment helps to build familiarity and comfort with the crisis management plan.
In addition to breeding confidence, what other roles do exercises and testing play? Exercises and testing also:
- Help crisis leaders to identify problems with and solutions to latent issues with crisis management programs and practices
- Reinforce the culture of crisis competency and the value of exercises and testing
How to go about it, though? Best-practice crisis management testing standards, such as ISO 22398, suggest conducting a needs and gap analysis.
To conduct this analysis, organisations start with a list of questions, which they pose to staff (usually business line heads). Common questions include:
- Does the exercises and testing plan address requirements for exercises and testing?
- Can this plan promote consensus with interested parties?
- Does the plan offer an opportunity to reach and interact with its target group(s) and potentially address their interests?
- Does this plan provide an opportunity to address multiple issues in depth?
- Does this plan focus on key issues?
- Does the plan provide information tailored to the target group(s)?
- Is this plan practical and relatively easy to implement?
- Does the plan provide for information transfer at relatively low cost?
- Is this plan easy to update?
- Is the effectiveness of this plan measurable?
- Is this plan a good vehicle for education?
- Is this plan creating a constructive and supportive atmosphere?
- Is this plan an effective way to get publicity or increase public awareness?
- Does the plan conform to the organisation's constraints?
The gap analysis not only helps make the case for a best practice testing program, but it also indicates what kind of exercise (out of the many available options) that that program should be deploying.
Exercises companies might undertake include:
|
Alert exercise |
The purpose of an alert exercise is to test the organisation by alerting the involved participants and getting them to arrive at a designated place within a certain time. It can also be used to test an alert mechanism. This type of exercise is primarily applied to internal staff. |
|
Start exercise |
A start exercise usually builds upon the alert exercise, testing how fast the emergency management organisation can be activated and start carrying out their tasks. A start exercise is therefore a means to test and develop the ability to get started with crisis management processes. |
|
Staff exercise |
A staff exercise is designed to increase the ability to work with internal processes, staff, and information routines in order to create a common operational picture and suggest decisions. |
|
Decision exercise |
A decision exercise is primarily used to exercise decision making process within an organisation, e.g., the ability to take fast and clear decisions on actions and to initiate cooperation between those responsible and stakeholders, under time pressure. |
|
Management exercise |
This type of exercise is a combination of alert exercise, start exercise, staff exercise, decision exercise, and system exercise. The focus is often on the roles, organisation, SOPs, etc. |
|
Cooperation exercise |
A type of exercise where coordination and cooperation between management levels is exercised. A cooperation exercise can be carried out both, in large and small scales. A cooperation exercise may consist of: “Vertical” coordination (between national, regional, and local levels); “Horizontal” coordination in a sector where public and private stakeholders participate. |
|
Crisis management exercise |
A crisis management exercise simulates crisis conditions and gives personnel the opportunity to practice and gain proficiency in their plan roles. |
|
Strategic exercise |
Strategic exercise refers to comprehensive exercise activities at strategic level (e.g., inter-ministerial crisis staff, political-administrative staff, cross-sector and cross-departmental management staff, crisis management organisation of corporate management). Aims include improving the integrated crisis reaction ability in exceptional threat and danger situations (crisis situations) and developing a comprehensive coordination and decision culture. |
|
Exercise campaign |
An exercise campaign is a series of recurrent exercises with a common generic organisational structure. |
Failing to plan is planning to fail. And when it comes to crisis, failing to plan is spectacularly costly.
Organisations don’t have to pay the outsized price. By creating, testing, and updating crisis management plans, businesses can ensure better response outcomes, lower legal exposure, higher productivity, and, of course, improved peace of mind.
So, if you’re struggling to develop your own crisis management plan, Request a demo or search through our Noggin Resources for help. Go ahead, see what Noggin can do for you.
Sources:
Jonathan Bernstein, Bernstein Crisis Management: The 10 Steps of Crisis Prevention. Available at https://www.bernsteincrisismanagement.com/10-steps-crisis-prevention/.
Ibid.
Michelle G. Hough and John Spillan, Journal of Business & Economics Research: Crisis Planning: Increasing Effectiveness, Decreasing Discomfort. Available at https://www.researchgate.net/publication/242581268_Crisis_Planning_Increasing_Effectiveness_Decreasing_Discomfort.
.svg)
Download your copy
About this Article
Published May 19, 2021