What is crisis management?
Crisis management is an organization’s process and strategy-based approach for identifying and responding to a critical event. A critical event can be defined as any threat, unanticipated incident, or negative disruption with the potential to impact an organization’s people, property, or business processes. Being prepared to respond to, and recover from a critical event requires a sophisticated crisis management plan.
Prioritizing crisis management also helps organizations mitigate the secondary consequences of critical events. Beyond any immediate threat to people, property, and processes, critical events often yield unpredictable and cascading effects on brand reputation, customer satisfaction, employee morale, and even the supply chain. Establishing a plan can help organizations move from a position of reactivity to proactively safeguarding against all the effects a critical event can have on an organization.
Effective planning to manage critical events includes establishing a crisis management team and developing a crisis management plan to keep people safe, maintain business continuity, enable rapid recovery, and protect assets before, during, and after an event occurs. Further, it is imperative that every organization validates and tests its crisis management plan regularly, and deploys the right technology, such as critical event management platforms, to support effective response across the organization.
Read on to learn how to assemble a crisis management team, the necessary components of a successful crisis management plan, key questions for evaluation, and how to perform proper testing.
How to assemble a crisis management team
The first step in assembling a crisis management team is nominating the appropriate internal resources. These teams often comprise higher-level representatives from operations, finance, human resources, communications, IT, and legal, with at least one member of the executive team included as well. Within this group, a crisis manager will be nominated to lead the execution of the crisis management plan, including the organization’s public response to the event.
It is helpful if organizations recruit crisis management team members who specialize in a specific component of the crisis management plan. For example, a senior IT team member with a deep knowledge of the organization’s digital environment would likely provide the best insights into how a critical event may impact digital operations. Or, a human resources representative already responsible for employee relations would be able to weigh in on how to best handle any specific employee needs during or after specific kinds of events. Senior leadership could advise on major decisions to ensure any actions are in line with the company goals, whereas legal could ensure that the action plan is compliant with mandatory rules and regulations in the industry.
Building a crisis management plan
A timely and precise response to any critical event is essential to minimize impact, which necessitates a crisis management plan. A successful crisis management plan can prevent delays, missed tasks and assignments, and slow crisis response times. Even if a crisis isn’t digital in nature, a digital-first strategy is the best way to approach developing a crisis management plan. For example, if the organization has only one physical campus, an on-premises solution could prove a pitfall if the operations center were to become inaccessible.
Successful crisis management plans are built on the foundation of clear and rapid communications facilitated by critical event management technology. Implementing critical event management technology also ensures the safety of people, the protection of assets, and the effective recovery of business as usual.
Successful crisis management plans bolstered by critical event management technology can address five essential topics that must be considered during a critical event: people, facilities/critical infrastructure, technology, business, and brand reputation.
People: People are every organization’s most important asset, and organizations have a duty of care to their employees. In every critical event, the crisis team needs to know if lives are in danger, if there is a threat to physical safety, and if there will be an impact on employees, customers, and visitors. Organizations also need to be able to quickly and reliably reach all their people before, during, and after critical events.
Facilities/Critical Infrastructure: Facilities and critical infrastructure must be monitored to determine whether they have been impacted by the event or are at risk if the crisis plays out over time.
Technology: An organization’s technology needs to be kept safe during a crisis, with backups being accessible if something goes down. If there is there a service disruption or an information security issue, the crisis management plan needs to identify who can respond to the outages and make appropriate tools accessible again.
Business: Maintaining business continuity needs to be included in the crisis management plan. How can an organization still perform mission-critical business processes during critical events? What customers might be impacted? Even during a crisis, businesses need to be operational, and the crisis management plan needs to solve for how this is possible no matter the event.
Brand Reputation: Brand reputation may seem like a lower-tier priority, but in fact it’s quite the opposite. In a crisis, brand reputation is at stake. How an organization responds to disaster can impact short- and long-term favorability.
Ten questions to help evaluate a crisis management plan
Evaluating a crisis management plan requires frequent reviewing, determining whether the components of the plan are necessary and adequate to protect, manage, and recover from a critical event, and assessing the feasibility of planned actions. Below are ten questions organizations can ask themselves to perform more successful evaluations of their crisis management plan.
- How frequently do we review and update our crisis management plan to ensure it remains relevant and effective?
- Have we clearly defined roles and responsibilities for key personnel during a crisis? Are these roles well-understood and regularly rehearsed?
- What metrics or key performance indicators (KPIs) do we use to measure the success of our crisis management efforts?
- Do we have a comprehensive understanding of the potential risks and vulnerabilities that could trigger a crisis in our organization?
- Have we conducted scenario-based simulations or tabletop exercises to test the responsiveness of our crisis management team?
- How quickly can we activate our crisis management plan from the moment a crisis is identified? Are there clear triggers for activation?
- Are our communication protocols well-defined, both internally and externally, to ensure timely and accurate information dissemination during a crisis?
- Have we established relationships with external stakeholders, such as government agencies and community organizations, to facilitate coordinated response efforts in a crisis?
- Do we have a robust system for gathering and analyzing data and feedback following a crisis to identify areas for improvement in our crisis management plan?
- Are our crisis management resources, including personnel, technology, and facilities, adequately funded and maintained to meet the demands of various crisis scenarios?
These questions can help organizations assess and enhance the effectiveness of their crisis management plans to better prepare for and respond to potentially critical events.
Testing a crisis management plan
Testing a crisis management plan is a non-negotiable step in validating the plan’s ongoing efficacy. It ensures the crisis management plan can be executed as designed and reveals any gaps in the intended flow of operations or personnel assigned to the task force. Periodic testing also affirms that no aspects of the plan become obsolete.
A crisis management plan should be tested against specific scenarios. Simulations of natural or human-made disasters that are common threats to your business are the best practice; for example, if your organization is in a tropical, coastal region, a hurricane preparedness drill is wise. Scenario-based testing will allow the crisis management team to ensure accurate contact information, that scenario-specific messaging is loaded into the critical event management tool, and that the execution of emergency notifications goes as intended.
Testing a crisis management plan can identify gaps and enable the organization to account for conditions such as:
- Human error: Crises are high-stress situations, which increase the risk of human error while individuals work under extreme pressure. It’s vital to ensure the crisis management team is comfortable under pressure and isn’t working through the crisis management plan for the first time.
- Email fatigue: It’s easy to become overwhelmed by email notifications, and employees may tune out crisis notification emails. Organizations need to reach the right people, at the right time, with a method they’re guaranteed to see.
- Time delays: When every second counts, there’s no time to be lost to manual processes. Digitizing crisis response actions using defined policies and a critical event management tool ensures organizational resilience.
- Dispersed workforce: With the move to remote work, the risk of making errors increases when the response team is in different places.
When seconds matter, any time spent regrouping or redoing work is too much. To implement a successful and complete crisis management strategy, an automated, end-to-end solution like the Everbridge critical event management platform (CEM) covers all the bases. Our CEM platform ensures rapid and reliable emergency notification, collaboration among disparate teams, and automation of manual processes. Everbridge CEM can increase your speed and decisiveness while improving the accuracy of your organization’s crisis management assessment and response.
To learn more about what the Everbridge critical event management platform can do for your organization: