29 Aug 2016, 10:15 — 10 min read
From domestic terrorism to cyber attacks, to the wrath and fury of nature, deemed as “acts of God”, any catastrophic event can put to test the crisis plans of a company. When a smooth sailing ship suddenly faces harsh and violent weather at sea, the captain of the vessel and her crew are drawn into an active role to combat and effectively handle the rough situation. Similarly, when crisis stares at the face of a company, the board members and the management are exposed to an unfamiliar situation that is very distinct from the usual. The management’s ability to react and respond to such threats has to be swift, decisive, and carefully executed to restore order and serenity.
According to a recent Deloitte online poll in the US, only a small fraction of the companies have a crisis management plan in place that has been actually tested and seems adequate. The survey revealed that many respondents, comprising executives, managers, analyst, and professionals, did not know the biggest gap in crisis preparedness and also did not have any idea if their organisation’s crisis response team was tested.
So what would essentially entail strategic considerations for a crisis management plan?
Essentially, we believe, there are eight key parameters that need consideration while forming an overall strategic crisis management framework.
Step 1: Make a plan
External agencies and third party services can be obtained to carefully design and implement a bespoke crisis management plan according to a particular organisation’s requirement. A well laid out plan and a crisis action team comprising experts from different functions, who are equipped to handle the crisis, significantly reduces unnecessary wastage of time, resource and the growing confusion within the management.
The document should essentially challenge the leaders of the organisation to meet the demands you’ll make of them tomorrow. Resistance is inevitable, after all, today is sunny and clear. In the moment of crisis and for a finite period afterward, people become more receptive to big asks. During a crisis, different people react in different ways. It is during such times of chaos that a plan becomes that clutch which defines the outcome of a crisis.
Step 2: Control hierarchy
In any organisation, a decision-making body should always have a hierarchy in place for any kind of escalation and also, for accepting the consequence of the decision that has been made. Hierarchy defines the distinct roles and responsibilities for each member at a particular level. During the crisis, having predefined roles and responsibilities saves duplication of tasks and avoids confusion.
Ultimately, someone from the leadership team has to take the ownership of the decisions taken during a crisis. The impacts due to the decision, positive or negative, have to be owned by someone from the top management. The leadership should also understand the severity of the threat and if the threat cannot be handled by them, external agencies should be allowed to intervene and take control. Example: During a terrorist attack, government should be given full access to handle and neutralize the threats.
Step 3: Formalise decision making
Decisions taken during a crisis can change the outcome of the situation. They can be data driven or situation based. With expectations of quick response time and meeting the requirement of multiple stakeholders, some amount of formalization for decision making is helpful.
For example what invokes communication with and from a general counsel or what data thresholds would decide an incident and mitigated steps being reported to your clients or customers? Another important point to understand is the legal, regulatory and statutory ramifications of the decisions taken. If the decisions are not carefully analysed, the reputation or even the existence of the organisation can be in jeopardy.
During a time of a crisis, the organisation requires capable, trusted deputies who can make independent calls in the heat of the moment. Waiting for permissions to flow up and down a command chain and a lack of empowerment to make these decisions is a recipe for paralysis at a time when it has the highest cost.
Step 4: Organise response
The response during the first few hours of a crisis is very crucial and its biggest constraint is time. Not just internal players but mutual support between government and public private agencies require preparation and planning to respond during a crisis. Interestingly, in an online poll conducted by Deloitte in the US, almost half the respondents felt there was a large gap in terms of understanding what constituted these inter-relationships along with the required skills and knowledge.
Step 5: Define monitoring parameters
Real time monitoring of a crisis situation is critical in conducting situational analysis by gathering data. Around 53 percent of the respondents had stated having identified the parameters which are required to monitor a crisis in real time, regularly share situation reports to internal and external parties and use tools for monitoring and communicating the crisis. Having protocols for understanding and communicating crisis are important as they are time saving and have a clear understanding about the severity of the threat.
Similarly, real-time monitoring of the crisis enables spreading the updates and key actions taken to internal and external parties. This can also enable the corporate crisis management team help the local crisis management team due to enhanced information sharing due to real-time monitoring. Tools and checklists are critical in gathering and recording the data and decisions made. This also helps in analysing and reviewing decisions and outcomes at a later point.
Step 6: Prepare a manual
An operating manual is essential in communicating the operating procedure during a crisis. It can be referred to at the time of the crisis in case of confusion or disagreement surrounding a decision. It is referred to by the crisis management team, which provides the crisis team with predefined information points. The operating manual specifies things like which sources of data are reliable and should be taken into account while making decisions. The operating manual has a carefully laid out operating procedure which is safe to follow without inviting any legal, regulatory, or statutory ramification.
Step 7: Information management
Information management is a formal process of capturing, tracking, and recording the crisis-related data which is used for legal, regulatory and communication purposes. It acts as a central repository for all the information which has been gathered from various data sources. Using this central repository, the management and the leadership can identify and mitigate any future crisis situation which may arise similar to the one encountered previously. The response to a similar crisis in the future will be more effective by studying and analysing the data from the information management central repository.
Step 8: Make the communication plan
Perhaps the most important part of the crisis management is communicating the news about the crisis to both the internal and external stakeholders. It is imperative to keep all the stakeholders informed about the crisis situation using a common platform. A communication plan is essential during crisis, as communication becomes the arterial line for exchange of information.
Crisis communication needs to be intertwined with all of the seven elements of a crisis framework. Without communication, there will be no coordination and cooperation between different teams. Similarly, the communication platform should be consistent for messaging the internal and external stakeholders, as it makes sure that no one misses out on the information that is being disseminated. The control over the messaging can be ad-hoc, but a regular update cycle should be in circulation for keeping the stakeholders informed about the current situation.
Ideally, organisations should think of crisis management in terms of a cycle — moving from preparation to response to recovery, and then around again — applying lessons learned from one stage to the plans and processes that support the other stages. When a real crisis arises, a traditional business continuity plan may be insufficient, especially if it hasn’t been tested.
The mistake many organisations make is to focus their crisis planning on reactive measures. With a broad, lifecycle approach to risk awareness, scenario planning, and simulation, you can help retain control of the process even when you don’t have control of events. You can build in the resiliency that has the potential to turn unforeseen events into unforeseen advantages.
Article & image source: STOrai Magazine
Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views, official policy or position of GlobalLinker.
Most read this week