Going into a crisis without a crisis strategy is a bit like saying, “I want to be a CEO by age 40”, but having no actual plan to get there. Luck, connections and hard work may be all that some people need to reach those heady heights, but you’ll have better luck with an actual career plan.
The same thing can be said for reaching any goal – including the goal: ‘survive the crisis!’
Some organisations aren’t prepared
Over the past few years, various surveys have shown that some organisations just aren’t preparing for crises.
- In 2023, Capterra’s crisis communications survey found that just 49% of the US businesses surveyed had a “formal crisis communications plan”. Twenty-eight per cent had an informal one (aka undocumented) and 23% had nothing.
- Also in 2023, the Business Continuity Institute found that just over 39% of respondents from North America had confidence in their crisis planning. For all respondents, almost 29% said that the operated in silos and that outside of senior management and the resilience team, employees had no knowledge of crisis planning.
What proper crisis planning looks like
Build a clear crisis plan
The crisis plan sets out how you’re going to tackle the crisis, and at the absolute minimum should include details like roles and responsibilities, stakeholder maps (and who ‘owns’ the relationship with them), escalation procedures, approval processes, your internal and external communications plans, and details of out of hours contacts (and when they should be activated).
Plan for different scenarios
Analyse what types of crises your organisation could experience and rank them by the level of threat they represent to the organisation, rather than by topic. For example, a minor data breach does not represent the same threat as a massive cyber attack.
Then, look at the difference in action needed for each level of threat. A tier one (highest) threat will require different escalation, for example, than a tier 4 (lowest) threat.
Identify mitigation strategies for each threat level
Once you have your threat levels mapped out, identify which of these crises can be prevented by taking action in the business. For example, can you mitigate the risk of an employee going rogue by changing your culture?
Build your crisis team
Know who your crisis team is well in advance of a crisis, and who is responsible ultimately for making decisions.
Your crisis team should cross departments. Siloed thinking (such as the legal team not understanding what the social team needs, or the comms team releasing information that legal hasn’t approved) can really harm organisations in a crisis. All major departments such as leadership, HR, compliance, customer service, social/community management, PR, marketing, internal comms, IT etc should be represented. A crisis is not just the responsibility of the comms team.
Rehearse your plan and your team
A crisis plan is only as good as its execution. You might have the best plan in the world, but if you haven’t tested it, you don’t know whether it will work. And you definitely don’t want to find out it has gaps during a live crisis. Rehearse with a crisis workshop and simulation.
Don’t put off your crisis planning
Not having a formal crisis plan is risky. Sometimes, life gets in the way, and your crisis plan drops to the bottom of your to-do list. It doesn’t feel urgent… until the crisis hits. It’s a bit like insurance – no-one really wants to do it, but when you need it, you’ll wish you did it sooner.
–
Photo by Brett Jordan on Unsplash
