5 Tips for Creating Better Crisis Management Plans

Like a lot of people, you may be wondering what comes next for your business or organization following the Coronavirus outbreak (or any other crisis for that matter). Well, you’ve come to the right place. The Coronavirus outbreak has created a renewed focus on crisis management and risk mitigation for many organizations, especially when it comes to public health risks.

We created this blog as a case study to show business owners how to prepare a comprehensive business continuity and crisis management plan that will help them recover faster, and prevent future crises.

You just need the right tactics.


Why should you listen to us?

  • With over 30 years of security management experience, a vast majority of companies we’ve encountered are critically under prepared for a crisis
  • We are the only company that advises and manages professional security programs for organizations worldwide.
  • The Coronavirus outbreak has completely rewritten the rules on crisis management.
  • The tips and strategies we teach aren’t from some random retired law enforcement official who runs a consultancy as a side hustle, but instead from diverse collection of industry leading subject matter experts who have real-world experience in business.
  • It only takes one bad day to destroy what you’ve spent your life building. We want you to thrive, and we are here to answer the call, even if it’s at 4:30 in the morning.

In light of the worldwide Coronavirus crisis, we, as a company, have decided to make our business continuity resource center available to the public. Below is a excerpt from our forthcoming ebook titled the “Business Continuity and Crisis Management Playbook.” Over the coming weeks we will be publishing tips, insight, expert analysis, and new operating standards to help companies recover faster, secure what matters most, and protect themselves and their employees in the future. We have put together this guide to help you prioritize action, build on the lessons we’ve learned, and better insulate your employees and assets from future crises.

In our 30+ years of business, a large percentage of the companies we have encountered are either totally unprepared or critically under prepared for crises — even the most predictable ones. Many do possess what the industry refers to as  “operational response” plans for specific contingencies, primarily relating to natural disasters. These “how we will protect each person physically” plans remain an inadequate form of communications. They fail to plot for the much wider variety of crises, along with strictly reputation-threatening crises, to which every company or organization is vulnerable.


Nearly 60% of all senior crisis control executives say they are facing more crises today than they did 10 years ago, according to research from Deloitte. From current events such as the global Coronavirus Pandemic to internal issues that can suddenly blow up (think hacking, or defective products) 80% of companies will be confronted by some type of crisis in the next two years. How prepared are you?

Cyber and safety incidents are the most common issues, followed closely by security incidents, performance issues, and finally regulatory or environmental concerns. The fallout can be extensive: beyond simple reputational damage, a crisis can devastate worker morale and sales, not to mention long-term financial performance. Well over 50% of organizations see a jump in consumer complaints after an incident. Once the damage is done, it can quickly metastasize into a broader crisis before you fully understand what is happening. Those facts taken alone are jarring, however, when combined with the fact that 93% of all companies without a recovery plan are out of business within a year; it becomes more important than ever to have a well thought out plan for how your business and team will handle the next crisis.


The Growth of Crisis Management

Crisis management plans are now ubiquitous among the world’s largest corporations. 84% of the world’s fortune 500 companies have individual strategies in place. These plans have been tested to reduce monetary fallout, with Deloitte noting that less than one-third of corporations with a plan document any negative impact on financial performance compared to companies without a plan.

However, a plan alone does not assure a company’s ability to efficiently navigate a crisis. While the studies indicate a tremendous majority of executives accept as fact that their organizations are able to cope with a disaster, most businesses have not tested their preparedness. The most common eventualities that organizations have simulated are generally machine disasters and cyber-attacks, however even then, half of all respondents failed to follow through with the reported recommendations including maintaining a regime of regular ongoing testing. Despite this, 90% of executives say they feel confident in their organization’s ability to respond to a crisis. There is clearly a disconnect. Luckily, this problem is relatively easy to fix.

Tip 1: Systematically test your plans with stakeholders and board members.

Simply testing a disaster plan with senior board members substantially reduces both the number of crises as well as the negative consequences when they do arise — 21% of enterprises that include board members in their crisis management plans reported a decrease in the number of crisis situations they faced, compared to only 2% of the control group. This has the added benefit of creating an open framework for dialog as well as buy-in from each of the stakeholders.

Tip 2: Create realistic crisis simulations.

Creating crisis simulations that mirror an agency’s individual market, shape, and operations are key if risk managers want to fully understand their enterprise’s preparedness, as well as that of their suppliers, partners, and customers. In the words of one respondent: “The operations of [our] company are becoming more complex and involving more dimensions. When dealing with third parties, the company expects to encounter more troubles and problems outside of our control.”

Reducing disaster frequency through risk control.

Tip 3: Invest early in threat management.

Unsurprisingly, the companies who experienced a disaster have been the most proactive and effective at putting measures in place that prevent future incidents. Respondents cited improved detection and early warning systems, extra funding in prevention, and better testing scenarios as the three biggest takeaways from their most recent incidents.

In other words, higher investment in threat management reduces the need for crisis control. Crises can be avoided by fully understanding and mapping out your organization’s risk landscape. You should continually assess the security, accuracy and accessibility of any critical information systems. This might include marketing collateral, income channels, and/or logistics systems along with access to capital. Combined with cyber-security reports, supplier court cases, whistle-blower reports, and open and honest communication with your team can you begin to create a map that evaluates the entire risk landscape holistically.

Tip 4: Test your plans regularly and often.

Tip 5: Use facts to make decisions, not opinions.

Risk managers need to be especially aware of senior executives who refuse to accept the fact that a specific type of disaster could happen within the enterprise – their personal biases should not impact an organization’s readiness to deal with any risk, no matter how likely they personally believe it is to occur.

Leadership and decision-making are of enormous importance during a crisis situation. Different styles of leadership will be necessary at different times as the disaster unfolds, but the spokesperson and team leader should be at the center of your efforts. That means leaders should be flexible, calm and be willing to seek insight and professional advice from their whole team, while also moving decisively. Proactive training and planning are vital when bringing together senior leaders for a disaster, as is making sure they’re aware about the strengths and weaknesses of their own management styles. You may need to make allowances to counterbalance those styles.

The Painful Truth

The recent Coronavirus outbreak has revealed in stark detail how unprepared many businesses, communities, and even nations are to handle a serious disaster. When a disaster is looming, we recommend bringing together an action group to tackle that specific issue, with professionals from within and outside the business working together. Any team should comply with a pre-established crisis communication and management plan. Next week we’ll cover Coronavirus: 6 New Business Risks.

At the end of the day, by telling the painful truth and showing humility and compassion a company can maintain customer trust and the buy-in of its stakeholders. Despite the hardships, every crisis is an opportunity for reinvention and improvement. Many business owners struggle to fully grasp the myriad risks they face. That’s why we’ve built a framework that teaches businesses how to anticipate and navigate risk before it becomes a crisis.

Posted by:

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

Chesley Brown Announces Addition to Senior Team

By Chesley Brown | March 27, 2019

Dell Spry Joins Chesley Brown Team To support the ongoing growth and demand Chesley Brown is pleased to announce Marvin O. “Dell” Spry has joined the Senior team as a Managing Director. From Chesley Brown…

Read More
Happy kids with rucksacks walking leaving school

Federal Commission on School Safety Releases Comprehensive Report

By Chesley Brown | January 2, 2019

  Federal Commission on School Safety Comprehensive Report Released From Chesley Brown International Risk Management President’s Federal Commission on School Safety Releases Comprehensive Report After 9 months of research, visiting successful programs around the nation,…

Read More
risk management

Fighting Terrorism with Strong Private Sector Relationships

By Chesley Brown | October 14, 2018

Fighting Terrorism with Strong Private Sector Relationships From Chesley Brown International Risk Management “Threat mitigation is a team effort; it’s this relationship and collaboration which is critical to the counterterrorism fight.” We face the same…

Read More
face recognition, automatic face recognition biometric identification; biometric authentication; identity verification

Facial Recognition: the First Catch

By Chesley Brown | September 11, 2018

Facial Recognition Makes its Grand Entry The new technology, deployed in airports across the country, makes its first catch. From Chesley Brown International Risk Management On its third day of testing, facial recognition technology caught…

Read More
hands on a keyboard as if hacking into something

Are Employees an Unintentional Security Risk for Cyber Attacks?

By Chesley Brown | August 20, 2018

Are Your Employees an Unintentional Security Risk for Cyber Attacks? In these times when malware is prevalent and easily disguised as email attachments or seemingly innocent software updates, one of the questions that arises is:…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work