If your company is one of the 51 percent of organizations that admits to not having crisis management playbooks in place, now is the time to sit down and start planning. The very future of your business could depend on it.
But where should you begin? If you are new to the process, building issue and crisis management plans likely seems like a daunting task. Luckily, there are just six key steps required to create a plan—and the process will likely become easier after you have gone through it the first time.
Here is how to get started:
1. Assess your risks
The first step is a risk assessment, which identifies potential issues and crises that would disrupt your business function and/or processes. Work with members of leadership, your crisis response team, and other key stakeholders to begin listing all relevant threats and vulnerabilities that could impact the organization. These might include public relations blunders, social media gaffes, product recalls, cyberattacks, workplace issues, and extreme weather events.
2. Determine the business impact
A business impact analysis (BIA) qualifies the potential impact of a business-disrupting issue.
Completing a BIA can reveal a variety of impacts, including:
- Customer dissatisfaction or attrition
- A damaged reputation in the public eye
- Lost or delayed sales or income
- Increased costs
- Regulatory fines
A BIA is an important step to make sure your organization is truly considering every angle of a threat. It also can help to make a business case to anyone who does not see the value of issue and crisis management plans. Ready.gov offers a free BIA template that can help guide you through the process.
3. Identify contingencies
Now that you have determined what risks could impact your business and how, begin identifying which actions will help your organization to respond effectively to each threat.
Think about the steps that would be required to resolve the issue, what resources would be required, and how employees can help.
For example, for the response to a social media blunder might include your digital team issuing statements across all your social media platforms, while your customer service team is briefed on what to say on incoming calls.
Meanwhile, the plan for a product recall requires help from IT and logistics to determine how to fix the problem, while customer service, sales, and public relations work together to answer customer questions and protect the company’s good standing.
4. Build the plan
Once you have determined a contingency for each potential threat, flesh out the plans by working with relevant stakeholders. Key employees, such as department heads, can help to provide insight into available resources and potential hurdles. You also may need input from outside parties, such as contractors and partners that work closely with your business.
In addition, keep in mind any relevant regulatory requirements, and determine how you will continue to meet them, even in the midst of a crisis. For example, if your organization must remain compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), be sure to account for this in the crisis response plan.