Crisis Management involves mitigating the consequences of destabilising or disruptive events that impact a business’s functioning, and to assist in recovery after the event. These events may include natural disasters, terrorist threats, IT security incidents or an industrial fire disrupting the product chain.
Crisis Management is the identification of potential threats to an organisation and the development of strategies and methods to deal with them. Unlike Risk Management – which involves planning for events which may occur – Crisis Management involves reacting to these events during and after they have occurred. Crises events often lead to drastic changes, disrupting multiple business functions, causing loss and triggering a variety of far-reaching consequences. Hence, they require quick decision-making and effective strategies to respond to and minimise their impact on the business.
Because global events are inherently unpredictable, organisations are encouraged to develop crisis management plans. These plans must be made before the events occur, when everything is running smoothly and people are acting rationally. By planning in advance, businesses will likely have a more efficient and quicker recovery.
A crucial aspect of Crisis Management is acknowledging that not all crises are avoidable. Crises are often unforeseen, public and very harmful for your business in terms of reputation, revenue, service delivery and market positioning. However, Crisis Management ensures effective strategies are in place and can be utilised when the time comes. These strategies are the key to proper public relations, asset protection and personnel retention.
The way in which an organisation and its decision-makers manage these crises will often determine the overall impact the crises has on their business. Crisis Management encourages businesses to be on the front foot, using Crisis Management Plans and scenario planning. By managing a crisis well, a business can demonstrate their resilience and authenticity to the world.
The main services Agilient offers in relation to crisis management are:
- The development of initial emergency response policy, process and plans designed to ensure that immediately following a crisis staff and other stakeholders are safe and immediate hazards eliminated.
- The design and establishment of warning, alerting and activation of incident response
systems and processes. - The design and testing of command and control, information, coordination and cooperation
frameworks and systems. - Plans for the effective management of communication within the organisation and with
external bodies such as media outlets. - Business Continuity Management (BCM) planning and testing.
- IT Disaster Recovery Planning (ITDRP) and testing.
In undertaking this work, Agilient uses the following standards.
AS 3745, Planning for emergencies in facilities;
- ISO 31000, Risk management – Principles and guidelines;
- ISO 22301 Societal security – Business continuity management systems – Requirements;
- ISO 22320, Societal security – Emergency management – Requirements for incident response;
- ISO 22325, provides guidelines for an organization in assessing its emergency management capability;
- ISO 22323, Organizational resilience management systems – Requirements with guidance for use;
- ISO 22325, Societal security – Guidelines for emergency capability assessment for organizations;
- ISO 22351, Societal security – Emergency management – Shared situation awareness;
- ISO 22397, Societal security – Public Private Partnership – Guidelines to set up partnership agreements;
- ISO 22315, Societal security – Mass evacuation; and
- ISO/IEC 27031, Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity.