Understanding the Basics of Corporate Crisis Management

What is a business crisis?

Even though crisis is a fact of corporate life, organisations often fail to prepare themselves adequately. That is despite the clear risks associated with poor corporate crisis management and corporate emergency management, i.e., lack of a corporate crisis management plan and corporate crisis communication plan. Notable risks arising from ineffective crisis management in corporate communication include as harm to stakeholders, material losses, up to and including bankruptcies. Why do businesses take the risk?

One explanation might be that organisations tend to conflate business crises with consistent slow-burn issues. Though the latter might turn into crises if not handled effectively, they are not crises, which are, by definition, episodic and of more significant magnitude.

Indeed, a business crisis constitutes an unanticipated event or issue that disrupts day-to-day business operations; such an event has the potential to create significant financial, safety, security, or reputational harm.

Types of business crises

1. Economic, events or situations like strikes, market crashes, and labour shortages.
2. Informational, loss of important information or organisational records, including public and/or confidential records, theft through phishing attacks, social engineering, or the leaking of sensitive data.
3. Physical, compromised major equipment, loss of suppliers, or a major disruption at a key operating plant.
4. Human resources, the loss of a key executive or team member, vandalism, or workplace violence.
5. Reputational, rumours and gossip that can significantly hurt the reputation of the organization.
6. Psychopathic, unthinkable acts such as terrorism, kidnapping, or even tampering with products.
7. Natural disasters, including tornadoes, earthquakes, fire and flash foods, disease outbreaks, etc.  

Crisis management process

What then can be done? Well, the task of preparing for, managing, and recovering from a business crisis falls under the banner of corporate crisis management. A crisis management process is one designed to prevent or minimise the damage a crisis can inflict on an organisation.

Businesses can go a long way towards mitigating the damage associated with crises by treating corporate crisis management as a critical business function, with activities implemented for each crisis phase.^[i] The phases include:

1. Pre-crisis. Prevention and preparation, i.e., reducing the known risks that can lead to crisis.
2. Crisis response. When management must respond to a crisis.
3. Post-crisis. The post-mortem phase when companies look for ways to better improve preparations for the next crisis as well as fulfil commitments made during crisis response.

When building or enhancing corporate emergency management competencies, organisations should also take intelligence gathering and constant monitoring as their default mode, using a suitable crisis management software platform. That entails approaching crisis management as a life cycle, taking a strategy-oriented approach for each of the following stages:

• The build-up stage, or the Prodromal Crisis, when you might see hints or clues of a potential crisis appearing in media outlets. At this stage, you should be looking for the repetition of certain trigger themes, repeated messages describing symptoms or precursors to a crisis.
• The impact stage, or the Acute Crisis, when one of the triggers has developed into a full-bore crisis. Often the shortest stage in the crisis lifecycle, the impact stage tends to result in the most physical, fiscal, emotional, and reputational damage to a company. Companies can usually expect the most media scrutiny during this phase of the lifecycle.
• The Chronic Crisis stage, the company suffers through any lingering effects of acute crisis, which can be physical restoration, legal action, or public activism. Media coverage, at this juncture, tends to focus on blame and responsibility.
• The Resolution stage, the crisis no longer impairs the organisation’s operations or directly impacts the public. The risk at this stage is that the crisis remains latent, with the potential to strike again to even more devastating effects.

Creating a corporate crisis management plan

Understanding the crisis management lifecycle will help organisations enhance mitigation, response, and recovery activities. These activities should be catalogued in a corporate crisis management plan, with relevant annexes for crisis management in corporate communications.

So, what then goes into the corporate crisis management plan?

Well, the short answer is it depends. Specifically, the crisis management plan hinges on a couple of factors:

• Company goals
• Unique risk factors

When committing a plan to paper, organisations should take the following steps.

1. Have a firm grasp of performance objectives. What would constitute success? What are the KPIs they will be tracking?

2. If organisations can’t answer those questions immediately, that’s ok. Some of the responses will depend on performing a vulnerability audit. That is a multi-disciplinary risk assessment which organisations undertake to determine areas of operational weakness and come up with strategies to mitigate or eliminate said weaknesses.

Of course, the fundamental purpose of the audit is to uncover current and potential threat, whatever form they take, e.g., arising from normal operations, most common to the industry, and unexpected external events.

3. From there, organisations will develop a list of potential crises and rank them in order of likelihood of occurring and associated costs of dealing with the impact.

4. Then, after incorporating a list objectives and likeliest crisis scenarios into the plan, organisations will proceed with drafting the rest. The plan itself will have to be flexible enough to adapt to multiple situations, i.e., modules rather one-size fits all.

5. The final step, often forgotten, is defining what constitutes a crisis within the plan ahead of time. Organisations must know when to call in the crisis management team. And to do this, they should document all the criteria and indicators which will be used to determine whether a crisis has occurred.

Corporate communications

When crisis response goes awry, flawed communication is often the culprit. In crisis, bad corporate communications can either mean withholding too much information from the public, having important internal spokespeople saying different things (i.e., not being on-message,) failing to correct the record, giving too much information to the wrong publics, etc.

Combatting those common errors requires planning ahead of time, i.e., developing a crisis communications plan. The plan should include the following:

• Pre-written messages (including press releases) based on likely crisis scenarios
• Designated company spokesperson (usually the CEO) to serve as the face and voice of the crisis response
• Instructions for regular media trainings for that spokesperson
• A strategy for crisis response on your social channels – procuring a social media monitoring platform helps in this specific regard

Many smaller organisations, of course, don’t have dedicated, in-house PR resources. For the purposes of crisis communication planning, those firms should consider investing in an external PR resource in a contract capacity. Make sure that person weighs in on the crisis communications plan and is fully abreast of subsequent.

Using crisis management software

Indeed, crises are a fact of business life, making corporate crisis management an essential organisational competency.

However, building such a competency takes time and effort. And so, firms themselves have to get serious, investing in the right crisis management technology to execute best-practice strategies that will serve to improve the management of critical events and exercises.

What capabilities matter most? In close, we suggest the following:

• Automated workflows and checklists. With workflows and checklists that automatically notify and send tasks to your team, your solutions should let you focus on effectively managing the crisis, not the admin work.
• A single source of truth for all your data. Digitise and manage incidents, exercises, response plans, teams, procedures, situation reports, track tasks, and more. Your solutions should keep everything in one location, so you can easily keep everyone on the same page.
• Adaptable to your operations. In the same vein, your solution should offer comprehensive libraries of best-practice forms, boards, workflows, lists, templates, and more. With user-friendly no-code designers, the solution should be easily customized to suit how you work, not the other way around.
• Respond from anywhere, on any device. Built on a resilient, cloud-based platform, the solution should be such that it can be used on any device, wherever you are and crises arise.

Finally, the precipitous rise in corporate crises necessitates a best-practice approach, paired with advanced technology capabilities, to ensure effective critical event response and better coordination. The up-front investment might seem like much. But the results speak for themselves: peace of mind, improved collaboration, and, of course, longstanding organisational resilience.

Sources:

W. Timothy Coombs: Crisis Management and Communications. Available at http://www.facoltaspes.unimi.it/files/_ITA_/COM/Crisis_Management_and_Communications.pdf. 
Ibid.
Dawn R. Gilpin, Priscilla J. Murphy: Crisis Management in a Complex World. Available at https://books.google.com/books?id=_7rW6w7duDUC&pg=PA19&lpg=PA19&dq=crisis+management+lifecycle&source=bl&ots=jwJDoU7dfa&sig=BCQOC9MNz632lPo6dCivA9fFQsg&hl=en&sa=X&ved=0ahUKEwiJ_sPfxZ7ZAhUB3GMKHdO4CMcQ6AEIbzAO#v=onepage&q=crisis%20management%20lifecycle&f=false 
Gwyneth Veronica James Howell, Queensland University of Technology: Description of the Relationship between the Crisis Life Cycle and Mass Media. Available at https://eprints.qut.edu.au/15827/1/Gwyneth_Howell_Thesis.pdf. 
Jonathan Bernstein, Bernstein Crisis Management: The 10 Steps of Crisis Prevention. Available at https://www.bernsteincrisismanagement.com/10-steps-crisis-prevention/. 
Ibid.
Michelle G. Hough and John Spillan, Journal of Business & Economics Research: Crisis Planning: Increasing Effectiveness, Decreasing Discomfort. Available at https://www.researchgate.net/publication/242581268_Crisis_Planning_Increasing_Effectiveness_Decreasing_Discomfort.