Five steps for building a successful crisis management plan

Guy Walker

What is a crisis? What is crisis management?

A crisis is any event that may evolve into a dangerous or unstable situation. In the context of an organisation, it is more specifically described as an event that could threaten an organisation’s operations, finances, reputation, or safety. 
Crisis management is the process by which organisations seek to minimise this disruption. As a discipline, it covers the broad cycle of a crisis – dealing with threats before, during and after they have occurred.

An increasing number of critical events

As we emerge from a year dominated by COVID-19, civil unrest and natural disasters, the necessity of having comprehensive crisis management plans in place has become undeniable. 
According to United Nations data, natural disaster frequency has increased over the past two decades by 74%. Meanwhile, in 2021 there has been more than one mass shooting per day in the US on average and global deaths from terrorism have increased six-fold since 2000.
As crises continue to grow in severity and frequency, WatchKeeper has outlined the five key steps that organisations need to take to create a comprehensive crisis management plan.

Know your assets

To build a truly comprehensive crisis management plan, organisations need to start by considering two crucial factors. First, what are their assets, and second, where are they. 
There is an assumption that an organisation’s assets are physical objects, such as facilities, aircraft, vessels or vehicles. However, an asset can constitute value beyond a material entity, including people, information, reputation and supply chains.
Identifying the full scale of an organisation's assets is complex, but essential. If an organisation wants to become more resilient to critical events, it must first understand where its assets are located globally. From here, the organisation must consider how critical the assets are to business operations. It must also decide who in the organisation is responsible for the protection or recovery of those assets during a crisis.
Organisations should also decide how frequently data is updated, recognising that some assets are not static: employees are constantly moving, supply chains adjusting, offices relocating, and business-critical operations always evolving.
Consequently, within crisis management planning, the best way to address these two factors is by ensuring that data is synchronised and unified in a central hub, as opposed to being siloed in different departments or stored on disparate systems. Merging information together allows security teams and crisis managers to develop a common operating picture – a key pillar for any crisis management plan.

Identify and monitor risks

Once an organisation has structured and unified its asset data, it can begin to identify and monitor potential threats. Where possible, this second aspect of a crisis management plan should be geared towards being proactive, as opposed to reactive.
Many crisis events are more predictable than we think. Technology now enables us to identify a range of threats, from approaching hurricanes to upcoming protests.
Effective security managers need to monitor social media, weather portals, community groups and news outlets to find out whether critical events will take place near their assets. This will give them time to alert relevant employees and stakeholders, shut their facilities, improve their physical security, or take other action to ensure the protection of their staff, customers or business-critical operations.
For man-made risk events, corporate security, business continuity and supply chain risk managers should aim to use social media aggregators. The majority of these services use artificial intelligence to detect emerging high-impact events from public data. These services send clients alerts on shootings, riots and terror incidents which precede news reports by minutes or even hours. This extra time is invaluable for proactive critical event management.
When it comes to natural disasters, Internet of Things (IoT) devices and sensors are transforming how events are being detected and reported. IoT devices provide real-time alerts for earthquakes, wind speeds, river flooding, storm surges, air quality, volcanic eruptions and tsunamis. The data analytics tied to the live data feed can instantly contextualise the magnitude of an event. This can help organisations assess the potential scale and destruction, often minutes, hours or even days ahead of the impact.
Additionally, some of these crisis events come with a further, albeit small, degree of predictability. Hurricanes, wildfires, tornados and some other natural disasters are more likely in certain geographies during certain times of the year, allowing organisations to proactively bolster their monitoring efforts in specific areas and during known seasonal windows.
However, just as with asset data, this risk information is usually consumed via disparate online portals and alerted via different communication channels. Organisations are left to piece together the varying data, the full impact of the risk event, and identify what assets may be impacted. This process could take several hours, limiting the effectiveness of a mitigating response. 
Where possible, crisis management plans should ensure organisations have a unified global view of both risk events and their organisation's assets. Only then can organisations determine the fastest and most effective response to mitigate operational impact and safeguard their employee and customer wellbeing.

Notify and communicate

When a crisis occurs, it is crucial that an organisation is able to rapidly communicate with its stakeholders. Crisis management plans should establish how relevant actors are made aware of an event, its potential impact, and the best means to minimise any business disruption or safety concerns. It is vital that organisations have robust communication procedures and technology to manage effective mass notifications. 
Even though advances in technology have seen the adoption of more notification channels, such as instant messaging, desktop or in-app alerts and social media, data protection and privacy concerns mean that telephone, email and SMS text messages remain the most common and effective means of communication. 
Regardless of the communication systems an organisation uses to notify its people of a crisis event, it needs to prepare communication templates to ensure rapid dissemination of information to relevant areas of the business that could be impacted.
Furthermore, with templated communications in place, organisations can leverage mass communication technologies to seamlessly automate messages, allowing those in close proximity to the event to take precautionary action, whilst its scale and operational impact are analysed.
In an effective crisis management plan, communication technology would be integrated alongside asset data and risk information. By centralising crisis management plans, organisations are able to automate and further optimise their crisis response. This enables them to identify a critical event, assess whether it’s occurring in close proximity to their assets, and automatically have messages sent to staff and key stakeholders.

Develop crisis response plans

Every event is different in its scale, impact and threat to operations. Even though hurricanes are expected every year from the Atlantic basin, the varying intensity and path of the storms make them impossible to predict with complete accuracy. Similarly, one can expect protests on Pennsylvania Avenue throughout the year, but it is impossible to know in advance when they will occur, how large the crowds will be, or whether they will be peaceful or violent.
Despite this, whether a natural disaster or man-made risk event, there are a number of steps an organisation can take with their crisis management plans in order to assess the risk posed to operations or staff, as well as how to respond effectively. 
By defining standard operating procedures (SOPs) for risk events, organisations can ensure a measured and timely response, even for the most unexpected crises. Although these playbooks, as they are sometimes referred to, will not address every risk scenario, they often guide response teams through the most effective way of mitigating operational impact, as well as providing cover for any compliance issues. When applied to a specific risk event, they inevitably identify indirect operational concerns that might not have been immediately obvious.
It is crucial that SOPs for different types of crisis events are centralised and readily available as part of your crisis management plan. It will allow everyone from executives to the on-the-ground crisis response teams to be aware of the procedure and the expected response to the crisis.

Audit and learn

An organisation’s resilience to crisis events can only improve through after-action reviews. They should be a key part of any organisation’s crisis management plan. Resilience is built when organisations understand where their crisis response process can be made faster and more effective. 
After each risk event, no matter the scale, type, or frequency, organisations should consider: how they can improve their alerting mechanisms, how they identify assets in close proximity to the threat, how they communicate effectively to those at risk, and how they collaborate with key stakeholders across the organisation to ensure a comprehensive response. 
This can only be achieved if there is clear auditing or documentation of decisions around the management of a critical event. Reviewing decisions, the time frame around information and events, and when plans were enacted can highlight where there was a lack of clarity around specific event reports and decisions. By automatically logging when information was received and decisions were taken, this process can be conducted far more effectively.
All in all, after-action reviews are about learning and creating best practices that can be inserted into SOP templates for future risk events. They are a key part of a crisis management plan, not an exercise in blaming decision-makers or the efforts of those carrying out plans.
Ultimately, organisations wishing to build comprehensive crisis management plans must move away from old crisis methodologies and adopt new technologies for data management and reporting. They must proactively identify risks to business operations or employee life safety and rapidly initiate their responses to minimise impact.
Only then can an organisation be resilient enough to fulfil its duty of care requirements towards employees and customers and also be able to maintain business continuity during even the largest crisis events.

To find out about WatchKeeper International’s new critical event management platform and how it can help your organisation visualise, track and protect operations from crisis events, go to or email

*This article was originally written for Security Magazine by WatchKeeper and was first published in November 2020.