5 Tips for Creating Better Crisis Management Plans

Like a lot of people, you may be wondering what comes next for your business or organization following the Coronavirus outbreak (or any other crisis for that matter). Well, you’ve come to the right place. The Coronavirus outbreak has created a renewed focus on crisis management and risk mitigation for many organizations, especially when it comes to public health risks.

We created this blog as a case study to show business owners how to prepare a comprehensive business continuity and crisis management plan that will help them recover faster, and prevent future crises.

You just need the right tactics.

DOWNLOAD OUR FREE TOOLKIT

Why should you listen to us?

  • With over 30 years of security management experience, a vast majority of companies we’ve encountered are critically under prepared for a crisis
  • We are the only company that advises and manages professional security programs for organizations worldwide.
  • The Coronavirus outbreak has completely rewritten the rules on crisis management.
  • The tips and strategies we teach aren’t from some random retired law enforcement official who runs a consultancy as a side hustle, but instead from diverse collection of industry leading subject matter experts who have real-world experience in business.
  • It only takes one bad day to destroy what you’ve spent your life building. We want you to thrive, and we are here to answer the call, even if it’s at 4:30 in the morning.

In light of the worldwide Coronavirus crisis, we, as a company, have decided to make our business continuity resource center available to the public. Below is a excerpt from our forthcoming ebook titled the “Business Continuity and Crisis Management Playbook.” Over the coming weeks we will be publishing tips, insight, expert analysis, and new operating standards to help companies recover faster, secure what matters most, and protect themselves and their employees in the future. We have put together this guide to help you prioritize action, build on the lessons we’ve learned, and better insulate your employees and assets from future crises.

In our 30+ years of business, a large percentage of the companies we have encountered are either totally unprepared or critically under prepared for crises — even the most predictable ones. Many do possess what the industry refers to as  “operational response” plans for specific contingencies, primarily relating to natural disasters. These “how we will protect each person physically” plans remain an inadequate form of communications. They fail to plot for the much wider variety of crises, along with strictly reputation-threatening crises, to which every company or organization is vulnerable.

DOWNLOAD OUR FREE TOOLKIT

Nearly 60% of all senior crisis control executives say they are facing more crises today than they did 10 years ago, according to research from Deloitte. From current events such as the global Coronavirus Pandemic to internal issues that can suddenly blow up (think hacking, or defective products) 80% of companies will be confronted by some type of crisis in the next two years. How prepared are you?

Cyber and safety incidents are the most common issues, followed closely by security incidents, performance issues, and finally regulatory or environmental concerns. The fallout can be extensive: beyond simple reputational damage, a crisis can devastate worker morale and sales, not to mention long-term financial performance. Well over 50% of organizations see a jump in consumer complaints after an incident. Once the damage is done, it can quickly metastasize into a broader crisis before you fully understand what is happening. Those facts taken alone are jarring, however, when combined with the fact that 93% of all companies without a recovery plan are out of business within a year; it becomes more important than ever to have a well thought out plan for how your business and team will handle the next crisis.

DOWNLOAD OUR FREE TOOLKIT

The Growth of Crisis Management

Crisis management plans are now ubiquitous among the world’s largest corporations. 84% of the world’s fortune 500 companies have individual strategies in place. These plans have been tested to reduce monetary fallout, with Deloitte noting that less than one-third of corporations with a plan document any negative impact on financial performance compared to companies without a plan.

However, a plan alone does not assure a company’s ability to efficiently navigate a crisis. While the studies indicate a tremendous majority of executives accept as fact that their organizations are able to cope with a disaster, most businesses have not tested their preparedness. The most common eventualities that organizations have simulated are generally machine disasters and cyber-attacks, however even then, half of all respondents failed to follow through with the reported recommendations including maintaining a regime of regular ongoing testing. Despite this, 90% of executives say they feel confident in their organization’s ability to respond to a crisis. There is clearly a disconnect. Luckily, this problem is relatively easy to fix.

Tip 1: Systematically test your plans with stakeholders and board members.

Simply testing a disaster plan with senior board members substantially reduces both the number of crises as well as the negative consequences when they do arise — 21% of enterprises that include board members in their crisis management plans reported a decrease in the number of crisis situations they faced, compared to only 2% of the control group. This has the added benefit of creating an open framework for dialog as well as buy-in from each of the stakeholders.

Tip 2: Create realistic crisis simulations.

Creating crisis simulations that mirror an agency’s individual market, shape, and operations are key if risk managers want to fully understand their enterprise’s preparedness, as well as that of their suppliers, partners, and customers. In the words of one respondent: “The operations of [our] company are becoming more complex and involving more dimensions. When dealing with third parties, the company expects to encounter more troubles and problems outside of our control.”

Reducing disaster frequency through risk control.

Tip 3: Invest early in threat management.

Unsurprisingly, the companies who experienced a disaster have been the most proactive and effective at putting measures in place that prevent future incidents. Respondents cited improved detection and early warning systems, extra funding in prevention, and better testing scenarios as the three biggest takeaways from their most recent incidents.

In other words, higher investment in threat management reduces the need for crisis control. Crises can be avoided by fully understanding and mapping out your organization’s risk landscape. You should continually assess the security, accuracy and accessibility of any critical information systems. This might include marketing collateral, income channels, and/or logistics systems along with access to capital. Combined with cyber-security reports, supplier court cases, whistle-blower reports, and open and honest communication with your team can you begin to create a map that evaluates the entire risk landscape holistically.

Tip 4: Test your plans regularly and often.

Tip 5: Use facts to make decisions, not opinions.

Risk managers need to be especially aware of senior executives who refuse to accept the fact that a specific type of disaster could happen within the enterprise – their personal biases should not impact an organization’s readiness to deal with any risk, no matter how likely they personally believe it is to occur.

Leadership and decision-making are of enormous importance during a crisis situation. Different styles of leadership will be necessary at different times as the disaster unfolds, but the spokesperson and team leader should be at the center of your efforts. That means leaders should be flexible, calm and be willing to seek insight and professional advice from their whole team, while also moving decisively. Proactive training and planning are vital when bringing together senior leaders for a disaster, as is making sure they’re aware about the strengths and weaknesses of their own management styles. You may need to make allowances to counterbalance those styles.

The Painful Truth

The recent Coronavirus outbreak has revealed in stark detail how unprepared many businesses, communities, and even nations are to handle a serious disaster. When a disaster is looming, we recommend bringing together an action group to tackle that specific issue, with professionals from within and outside the business working together. Any team should comply with a pre-established crisis communication and management plan. Next week we’ll cover Coronavirus: 6 New Business Risks.

At the end of the day, by telling the painful truth and showing humility and compassion a company can maintain customer trust and the buy-in of its stakeholders. Despite the hardships, every crisis is an opportunity for reinvention and improvement. Many business owners struggle to fully grasp the myriad risks they face. That’s why we’ve built a framework that teaches businesses how to anticipate and navigate risk before it becomes a crisis.

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

risk-takers #2 Terry Fisher — Electronic Countermeasures

By Chesley Brown | July 14, 2020

Have you ever stopped to ask yourself what it is about your business that is truly valuable? When you really think about it, any business with a product or service has something a competitor or adversary could use. And if you’re being honest, you probably haven’t fully considered all the ways they might get their hands on that information. You’ve spent years building your business, but all it takes is one bad day to compromise that dream. In this week’s episode Brent sits down with FBI Special Agent (Ret.) and engineer Terry Fisher to discuss corporate espionage, electronic countermeasures (sweeps), bugging, and the common methods bad actors have used throughout history to gain access to proprietary information.

Read More

Podcast | Risk Takers Series #2 Terry Fisher — Electronic Countermeasures

By Chesley Brown | July 14, 2020

Have you ever stopped to ask yourself what it is about your business that is truly valuable? When you really think about it, any business with a product or service has something a competitor or…

Read More

The Risk Takers Podcast Series Launches Today!

By Chesley Brown | July 9, 2020

Chesley Brown Launches the Risk Takers Podcast Series Security Risk Management experts Chesley Brown Companies today announced the launch of “The Risk Takers Podcast Series” — a highly bingeable podcast hosted by veteran risk management…

Read More

risk-takers #1 The Aldrich Ames Espionage Case

By Chesley Brown | June 26, 2020

Dell Spry, a former FBI investigator and counterespionage expert, sits down to discuss the biggest case of insider theft in U.S. History: The Aldrich Ames Case. Hear how he, along with the help of the CIA, and the fellow FBI agents used their cunning, hard work, and old fashioned investigative work to capture and convict most infamous CIA officer-turned traitor: Aldrich Hazan “Rick” Ames. Beginning in 1985 the CIA experienced the unparalleled loss of its of Soviet assets, which nearly destroyed the government’s ability to gather intelligence on the Soviet Union. In this interview Mr. Spry discusses his personal involvement in the case as the FBI’s lead investigator including many of the investigative methods they used. Hear never before details about the harrowing investigation to not only investigate and convict the highest ranking government official ever accused of spying, but to protect future Russian assets. In 1991, the quest led them to search for a Soviet spy in the CIA. They came to identify that spy as CIA Case Officer, Aldrich Hazan “Rick” Ames, a long-time CIA case officer and analyst. In February of 1994, Ames was arrested by the FBI and sentenced to life in prison.

Read More

Podcast | Risk Takers Series #1 The Aldrich Ames Espionage Case

By Chesley Brown | June 26, 2020

Dell Spry, a former FBI investigator and counterespionage expert, sits down to discuss the biggest case of insider theft in U.S. History: The Aldrich Ames Case. Hear how he, along with the help of the…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work