Five Steps to Create a Crisis Management Plan

What is a crisis management plan?

Crises are a fact of life, whether novel viruses, natural disasters, cyberattacks, or any other form of critical event. What then can agencies and organisations do to prepare?

High on the list of crisis preparatory activities is the crisis management plan – a catalogue of roles, responsibilities, and tasks personnel will perform before, during, and after a crisis.

The crisis management plan itself lays out how exactly to respond to a critical event that could negatively affect an organisation’s profitability, reputation, and/or ability to operate. Its purpose is to avoid or minimise damage, as well as provide direction on critical matters, such as personnel, resources, and communications – so they can be actioned effectively during the crisis.

Why you need a crisis management plan?

Not all executives will readily agree to the depletion of present resources for future contingencies. Crisis management practitioners, as such, must be able to answer why exactly the incident and crisis management plan is necessary.

The answer is simple. Planning saves. In the emergency management context, FEMA found that every dollar spent on natural disaster mitigation saved six dollars on recovery.

The data isn’t as conclusive for corporate crisis, but crisis management planning gives staff and stakeholders peace of mind, uncovers risk, accelerates response and recovery, and might ensure compliance.

Not all crisis planning is sufficient, though. Given its importance, it’s imperative to get crisis management planning right.

How to go about it? The following five steps to creating a crisis management plan should help.

Conduct a vulnerability audit to assess your current crisis preparedness.

The first step is conducting the vulnerability audit. A multi-disciplinary risk assessment, the vulnerability audit helps organisations identify areas of weakness, i.e., threats arising from normal operations, external events, or just those most common to the industry.

Organisations use this risk assessment to develop a list of potential crises, which they then rank order in likelihood of occurring as well as associated costs of responding.

Allocate a team to your crisis management plan.

Of course, crisis management planning and the crisis preparedness plan itself are only as good as the personnel tapped to execute them. That is the role of the crisis management team, a cohort of people centrally involved in the creation (then implementation) of the crisis management plan and thereby crucial to any positive outcome.

What are the relevant roles in creating a crisis management plan? It all starts with the Crisis Management Chair, heading up crisis management leadership.

Amongst the duties ascribed to the Chair, who heads up all crisis preparedness, is planning for decision making in crisis, i.e., “the process that leads to the selection of a course of action for more than one alternative option.”

Why does crisis decision making matter? When a crisis strikes, it tends to move quickly. Which means quick decisions will be required, in a high-stakes environment (possibly the highest), where information is limited, stress is acute, and scrutiny is intense. Decisions are rarely made in those conditions; and so, they should be practiced ahead of time.

As for the remainder of the core team, appoint senior managers from the company’s most important business units, such as Finance, HR, Operations, IT, Communications; specialist roles include Log Keeper, Support, etc. (See below).

Best-practice composition of your crisis preparedness and management team

Know when to initiate the crisis management plan.

The crisis management team helps to craft the plan, which should be reviewed and approved by the company Board as well as other senior management.

But that response plan is only as good as the activation guidelines it includes. To this end, the crisis management team needs to document all the criteria and indicators they will use to determine whether a crisis has occurred.

In addition to setting activation guidelines, crisis management teams should consider other relevant logistics, such as the chain of command structure for specific scenarios and where to set up your crisis command centre or off-site gathering points in the case of evacuations. In the case of the former, multiple locations might be necessary, including somewhere at headquarters and an off-site setting if headquarters are seriously compromised by the crisis.

Include playbooks and scenarios in your crisis preparedness plan.

Preparing for a crisis means playing the odds. Organisations shouldn’t plan for the worst-case scenario; they should plan for the likeliest events.

To do so, teams should develop individual playbooks (or action plans) for the specific crisis scenarios identified in the (earlier) risk assessment. Like the larger plan, these playbooks should be flexible, responsive modules.

To be actionable, though, these playbooks, as well as the master plan and other documents and policies, must be easy to deploy and refer to during a crisis. Mobile-friendly crisis management software will help.

Developing a crisis management plan exercise.

In this risk environment, though, it’s not enough to have an actionable plan if you just set it and forget it. Instead, organisations must make use of the controlled, risk-managed environment of exercises and testing. This environment helps to build familiarity and comfort with the crisis management plan.

In addition to breeding confidence, what other roles do exercises and testing play? Exercises and testing also:

• Help crisis leaders to identify problems with and solutions to latent issues with crisis management programs and practices
• Reinforce the culture of crisis competency and the value of exercises and testing

How to go about it, though? Best-practice crisis management testing standards, such as ISO 22398, suggest conducting a needs and gap analysis.

To conduct this analysis, organisations start with a list of questions, which they pose to staff (usually business line heads). Common questions include:

• Does the exercises and testing plan address requirements for exercises and testing?
• Can this plan promote consensus with interested parties?
• Does the plan offer an opportunity to reach and interact with its target group(s) and potentially address their interests?
• Does this plan provide an opportunity to address multiple issues in depth?
• Does this plan focus on key issues?
• Does the plan provide information tailored to the target group(s)?
• Is this plan practical and relatively easy to implement?
• Does the plan provide for information transfer at relatively low cost?
• Is this plan easy to update?
• Is the effectiveness of this plan measurable?
• Is this plan a good vehicle for education?
• Is this plan creating a constructive and supportive atmosphere?
• Is this plan an effective way to get publicity or increase public awareness?
• Does the plan conform to the organisation's constraints?

The gap analysis not only helps make the case for a best practice testing program, but it also indicates what kind of exercise (out of the many available options) that that program should be deploying.

Exercises companies might undertake include:

Failing to plan is planning to fail. And when it comes to crisis, failing to plan is spectacularly costly.

Organisations don’t have to pay the outsized price. By creating, testing, and updating crisis management plans, businesses can ensure better response outcomes, lower legal exposure, higher productivity, and, of course, improved peace of mind.

So, if you’re struggling to develop your own crisis management plan, Request a demo or search through our Noggin Resources for help. Go ahead, see what Noggin can do for you.

Sources:

Jonathan Bernstein, Bernstein Crisis Management: The 10 Steps of Crisis Prevention. Available at https://www.bernsteincrisismanagement.com/10-steps-crisis-prevention/. 
Ibid.
Michelle G. Hough and John Spillan, Journal of Business & Economics Research: Crisis Planning: Increasing Effectiveness, Decreasing Discomfort. Available at https://www.researchgate.net/publication/242581268_Crisis_Planning_Increasing_Effectiveness_Decreasing_Discomfort.