Understanding the needs and perspectives of organisations and their staff in emergency and BC planning, considering an omnidirectional approach to risk communication
“Risk communication and risk management efforts are destined to fail unless they are structured as a two-way process. Each side…has something valid to contribute. Each side must respect the insights and intelligence of the other.” – Paul Slovic, 1987
Developing security and resilience capabilities in today’s world can be difficult – they must be tailored to an organisation’s industry, strategy, needs and demands, built in anticipation of a multitude of complex risks and threats, compliant to one or more industry standards…and all within a set budget.
To be relevant, and successful, a collaborative approach is required, balancing the expertise of risk management practitioners, emergency planners and business continuity specialists, and the inherent knowledge, understanding and needs of those belonging to an organisation. This method of planning takes existing knowledge and capability, and guided by subject matter expertise, provides a holistic security and resilience solution.
At Agilent, we have provided three useful suggestions for an omnidirectional, or ‘two-way’ approach to the communication of risk:
- Ownership and empowerment – an organisation’s approach to security and resilience should be directly aligned to its strategies and priorities; it is thus key that such functions are owned, understood and communicated by organisational management, even if managed by a specialist consultant or risk team. This creates a ‘top down’ approach that supports the development of a robust risk culture and aids effective risk communication.
- People from all levels – when conducting risk or business impact assessment workshops, attendees shouldn’t just be from management; such workshops should include technical specialists that are able to identify a bespoke system or business process managed by a small team, that is a dependency to an organisation’s most critical business function. This technical information is crucial in developing accurate continuity and security strategies but also fosters ownership and understanding throughout the organisation.
- Feedback information – participants in risk planning processes want to know that their input and involvement is valued, that their insights have been listened to and incorporated into security and resilience practices. Clear explanations should be given of how their information will be used, and the next steps for their involvement.
Agilient can assist your organisation in creating a collaborative approach for the design and implementation of its security, resilience, and emergency frameworks. Contact us today.
Slovic, P. (1987) ‘Perception of Risk’. Science. 236 (4799), 280-285; available online at: https://socsci2.ucsd.edu/~aronatas/project/academic/risk%20slovic.pdf;