Business Resilience and Crisis management
It is imperative for all organisations to prepare their business and protect the safety and welfare of staff with a robust crisis system that is soundly implemented and rigorously exercised. We simply cannot afford to wait for another crisis to expose the vulnerabilities in organisational emergency preparedness. Now is the time to invest in the essential that will safeguard essential workers and key business processes.
Emergency preparedness means establishing a holistic, agile, and up-to-date Crisis Management Plan. It means reviewing emergency policies and procedures and, perhaps most importantly, it means training your team.
Essential components of an Emergency Management Strategy
Threats, Criticalities, and Vulnerabilities
Identifying your business threats, assessing your process criticalities, and understanding the vulnerabilities which impact those critical processes exposed by the threats allows businesses to prioritise the credible risks that your organisation confronts. Thereby, enabling us to design and implement Business Continuity, Crisis, and or Emergency Management Plans to suit your business process and mitigate the impact of an event being realised.
The current global threat environment is fluid with many unexpected perils going unassessed by business, therefore the nature of risk is varied and nuanced. A risk assessment must consider the Inherent Risk (untreated risk) and the Residual Risk (risk remaining after inherent risks have been reduced by risk controls). Risk assessments must identify all hazards, from minor to catastrophic.
For businesses, this could include, but is not limited to:
- Threats against staff
- Reputational damage
- IT security breaches
- Civil unrest
- Breach of Regulator requirements or agreements
- Negligence or other civil liability claims
- Supply chain disruption
- Staff shortages
- Critical process disruptions
- Industrial disputes
- Community relations breakdowns
- Business takeovers
- Embargoes and trade sanctions
Not all risks require direct and immediate action. However, a thorough Emergency Management Plan is all-encompassing and regularly reviewed.
Crisis communications are essential and should both address internal (within the business)and external (key stakeholders including regulators) communications and should define processes such as – who sends the notification to key stakeholders. Through what channel? What is the format for the correspondence (what does the communications need to address)? What other agencies or stakeholder groups be notified (as an example – Shareholders)?
A crisis communication plan answers these questions and many others. Communication is vital in crisis management, whether in the form of a formal notification or an informal notification sent through social media platforms.
Although it’s not essential to draft every message ahead of time, an effective crisis communication plan will map the pathways and procedures to get the message out to the right people.
Updated policies and procedures
As laws, industry regulations, technology, and trends evolve, so should an organisation’s Emergency Management plan.
Regularly reviewing the policies and procedures with advice from an experienced Security Management Services consultant ensures your organisation is as prepared as possible. Conducting reviews at least every 12 months is considered best practice (while Standards and Regulations will define a review period as being “Regular Reviews” or “Planned Intervals” for plans, procedures, and policies that carry a higher risk threshold 12 months is seen as best practice).
From business process changes to emerging health risks, cyber threats to staff turnover, new business technologies to supply chain threats annual reviews capture all the changes that could make a difference in an emergency.
Almost no plan is perfect in the first iteration. Testing, exercising and evaluating Emergency Management procedures allow an organisation to find vulnerabilities that affect their critical processes before a high-pressure situation puts even more strain on the plan.
Training and testing go hand-in-hand. Emergency management in industries comes with a long list of considerations, so it’s essential for staff to feel confident and capable during a crisis.
Scheduling workforce training together with the annual Emergency Management plan review will enable the organisation to input lessons learned from the testing and exercising. Therefore, streamlining the organisation’s emergency preparedness and ensuring the robustness of the plan.
Professional Security Management Services
As a highly experienced Security Management Services consultant, Lockforce understands the risks facing modern organisations. The Lockforce role is to help you prepare for the unexpected, as “planning is not a cost, it is an investment.”
Lockforce delivers tailored Emergency Management solutions, including strategic analysis and planning advice, as well as emergency preparedness training for teams.