Monday, December 10, 2012

CRISIS MANAGEMENT ACTION PROTOCOL


2012 has seen its fair share of crises in shipping accidents, environmental, pharmaceutical recalls and mining disasters. So many managers, executives and government leaders were not prepared to manage critical events. The fact is the worst case scenarios are occurring with greater frequency than ever before.

 
The constant call is for a documented crisis management plan that outlines the courses of actions to be taken and provides specific guidelines appropriate for complex and unpredictable occurrences.


A crisis management plan lays out the framework and process for the preparation of, and recovery from, a major event. The plan must provide an integrated structure that can operate across an operation seamlessly.  It should be simple and easy to apply to an organisation in terms of implementation, education, maintenance and continuous improvement.

The essentials of a basic plan are as follows:


Organisation. This should outline how the plan will work across your particular business or operation. It should include management philosophy towards crisis management and its link with emergency planning, issues management, product recall and security planning. It should outline who, in the corporate organisation, is responsible for the whole crisis management plan and emphasise the legal and regulatory requirements of the plan. It needs sufficient planning information about human resources support, reporting to senior management and essential items such as document control and security and confidentiality of material. Details as to who the plan is distributed to and the necessary plan revision instructions should be defined. A crisis management manual needs to be defined under this organisational heading. Details of the contents and its distribution and validation should be confirmed.

Team management. This lists how the team is structured and who should be in it. It needs to identify the different roles necessary to deal with responses at every level. It needs to identify the structure of teams, the qualification of those people involved.

The plan should clearly outline how teams interrelate during a crisis, lines of authority and core responsibilities. The leadership issue needs to be laid down and clear authority has to be detailed. Back-up and support teams and systems should be described. These procedures also need to detail who is responsible for the alarm or call-out (the required actions and authorities to mobilise the team).

Crisis “threats” identification. This element details the framework for threat assessment in order to provide a suitable response. It recognises the vulnerabilities of the organisation - the types of crises that could occur to a company or organisation. It should provide a clear definition about worst case scenarios. It needs to provide a process of identifying a wide range of threat exposures that may impact on the organisation. It should also outline the importance of these threat analyses to local conditions. Head Office should have its own set of threats and then each site and location should identify its own dedicated set of threats. This process should be documented as an annual requirement. These procedures should provide a description of the level and classification of the event in a common standard across the organisation.

Crisis response procedures. This step identifies how responses to the above threats are detailed. It confirms the necessary actions of the team relative to the response and control of the crisis. It sets out how the checklist of responses is listed. It determines how to go about identifying the most efficient response strategies. It should provide guidelines for the action responses of teams and support groups.

Control Centre and communication facilities support. The purpose of these procedures is to locate and equip a central control room for each crisis team. This item should identify a standard plan for the location and type of control room for the management of an incident.

These procedures should detail a secure location and lay out the necessary equipment to assist crisis teams in being kept informed and providing information regarding crisis events.

It should provide the equipment to interface with incidents in the field and the technical equipment details to communicate outside the location during crisis incidents. It should also provide facilities for logging and minuting the course of events.

Communication hardware and software should be detailed, particularly related to portable equipment and temporary back-up systems. It should detail external emergency, medical and security support availability.

Information Procedures. The requirement of this component of the plan is to list the methods and techniques to provide information about what has happened to a wide range of stakeholders. It should list the methodology of the message agenda control. It should identify internal and external audiences, including employees, the media, the community, government and so on. It should confirm the process of corporate transparency related to information flow and detail.

It should identify the spokesperson’s role and guidelines for dealing with the media, victims’ families, distressed personnel, investigators and security incidents.

Training and retraining standards. The training requirements need to be qualified in terms of teaching and education, plan validation, group workshops, desk-top exercises and full-scale simulations. This procedure should identify training policies, definitions of instructors’ competency and an overview of auditing procedures for the training plan.

A crisis is a non-routine event and an organisation needs to be able to adapt quickly to the unique challenges of an escalating situation.  The crisis plan provides courses of action for increased significance of decision making.

Friday, September 14, 2012

Management Training for Crisis

Crisis management training is the centre of crisis preparedness. All businesses and organisations need specific training to build a crisis response capability. Training reduces the potential for panic, chaos and confusion and focuses a crisis team on the components of a successful response. 

The objective of a crisis management workshop is to enable crisis management team members to understand the basic principles of crisis management and its application within the organisation.  A good program is designed to review the crisis management plan, team roles and responsibilities, threats and responses and should cover the following:

·      Crisis training objectives:  what the session will achieve.
·      Introduction to crisis - cause and effects:  definitions and examples.
·      Crisis prevention and warning systems:  actions to prevent crises
·      The value of crisis management:  the benefits of being ready - strategies for damage control.
·      Overview of the plan and manual:  walk through each element of the plan and clarify.
·      Crisis management team - roles and responsibilities:  what each role means and what that team member has to do.
·      Threat analysis:  where is the organisation vulnerable and what are the possible effects on the business?
·      Review response strategies:   work through checklists of response actions for each threat. 
·      Integration with outside resources:   review plans with emergency services, police, security, State disaster organisations, etc.  
·      Discuss how to communicate best with stakeholders, employees, customers, media, community, etc.
·      Technology and equipment:  where does the crisis team meet and what essential technology and equipment do they need? 
·      Log keeping and documentation:  confirm document control and efficiency program for retaining information.
·      Test and evaluate:   Using typical threat, team provides discussion on how they would respond to the crisis using the learnings.

Case studies of past crises provide important insights, background and experience. They give the team an opportunity to observe the way in which successful and unsuccessful crisis response has been handled, at the same time as evaluating how recovery was instigated.

The workshop in most cases should be first conducted at the organisation’s Head Office with the Crisis Management Team  As with all the training units in the crisis management plan, it should then be rolled out to regional and divisional business units, operations and sites.  In some cases at smaller sites, the workshop may involve teams of two or three people, but they can still carry out threat identification and the responses to their unique situation.

Don't leave crisis management training until after an event occurs. Get in front and do it now.


Thursday, July 12, 2012

Executive Crisis Management Plan

Recent crises such as BP's Deepwater Horizon rig explosion and environmental catastrophe, News Corporation's phone hacking scandal and the Costa Concordia cruise ship sinking clearly identify the need for a crisis management planning system that can manage the adverse impacts of an escalating issue or accident.  These crises also identify the need for the CEO and top management to buy-in and express their endorsement of crisis management planning, particularly related to training top executive teams.

In a major critical incident, the executive Crisis Management Team will have the highest authority across all corporate response actions - they will be the decision drivers that affect corporate governance, corporate image and the future of the business. 

In light of executive planning, here is a checklist that identifies what needs to be in place to provide an orderly and efficient transition from normal to a crisis situation:
  • Is there an Executive Crisis Management Plan?
  • Is the Plan up-to-date and does the Crisis Management Team know its role and responsibilities?
  • Does the Team include primary and back-up team members for operations, emergency interface, public affairs and media management, environmental, health and safety, legal, finance and security?
  • Have worst case scenario threats been identified? Are there checklists to manage these?
  • Have systems been confirmed to notify key stakeholders?
  • Has a crisis communication strategy been confirmed?
  • Have arrangements been made to communicate with employees?
  • Is there a designated crisis management room and support rooms?
  • Is there a clear interface with other State and Federal offices and sites?
  • Has the Crisis Management Plan been tested at least half yearly?
  • Are exercises conducted on an annual basis?
  • Are critical events debriefed and are the learnings added to the Crisis Management Plan?
Uncontrolled crises can cause serious property damage, lawsuits, skyrocketing insurance premiums, loss of market share, brand, employee concern and interrupted workflow. Corporate leaders need to be sure that the organisation, its stakeholders and the community, are protected at the best possible level. 

With an Executive Crisis Plan, you can.

Wednesday, May 9, 2012

Crisis security for business abroad

The worst nightmare for a company is knowing that its people and assets are under siege in another country. And as anyone who has been in this situation can confirm in the midst of an escalating incident, it is the most emotional time for affected individuals and families.

Ironically, some of the methods of doing business in foreign countries designed to save money can actually put an organisation’s whole presence in that country at threat. For example, setting up a plant in an area where labour is plentiful but transport is difficult, can put security pressures on executive staff who are managing the project. They can be at risk from local criminal and political instability or their families can be at risk from the problems they may face travelling on dangerous roads.

The key to crisis management in this foreign business environment is the development of a plan that adds local knowledge and expertise to help manage the threats. Coming to terms with the most efficient response to a crisis or emergency will depend, to a great extent, on the reliability of the planning and preparation that takes place beforehand.

In a recent experience in an Asian country going through severe political change and instability, a large transport company had attempted to set up an emergency evacuation structure for their people. They were working to deal with the threat of terrorism or the possibility of politically motivated kidnapping. In certain parts of South America and Asia, there is a continuous problem with short term kidnapping for fast financial gain.

In some Asian countries, there is rarely a day that goes by where there is not some reference to a financial deal done with terrorists related to a kidnap situation.

In this case, the company was slow in putting together guidelines for protecting the organisation against potential problems. A number of employees at the company had decided to take a plan into their own hands. They decided that if their families were the victims of kidnap for ransom or any form of terrorism, they would create their own group of negotiators and deal directly with the kidnappers.

Their fear was exacerbated by an incident where the wife of one of the employees was threatened by a chauffeur driving their children to school. She fortunately was able to take control of the vehicle and drive her family to a safe situation. Her husband, with other expat friends, formed a local response group to deal with the situation, which led to a violent retaliation that involved company, government, police and consular officials. The situation did get out of control and the company was the loser. If they had a tested response plan there in the first place, the security threat would have been easier to deflect and control.

Finally, management stepped in and set up a formal crisis management plan that prescribed a security policy and offered guidance to ensure a state of pre-emergency readiness.

They worked with a private international security company to reduce the risks through a security program that identified the company’s exposures to problems in that region. Greater intelligence was gathered to ensure an understanding of the threats and appropriate measures were taken to protect the management and staff, but also to ensure continued operations.

Doing business in countries with unstable political structure calls for proactive crisis management.

Monday, January 23, 2012

Titanic crisis centenary


April 2012 is the centenary of the sinking of the Titanic. In January this year, the capsizing of the Costa Concordia sent a terrifying message that crisis management planning for passenger cruising has not progressed far in 100 years.

Safety was the central issue then, and safety was the issue on this new generation luxury ship. Again, almost 100 years later, passengers had to scramble to the other side of the sinking vessel as many of the lifeboats and rescue equipment were submerged. Also a key learning from the Titanic disaster was that passenger ships should have compartmentalisation to isolate flooding and allow water to be pumped away. This safety system appeared not to work on the Costa Concordia.

There are so many allegations of blame related to the company and the Captain from passengers on the bridge and "salute" manoeuvres that caused the ship to crash, to evacuations hampered by an ill prepared crew, the Captain deserting the ship and passengers bribing crew members for a place in lifeboats. The fact is, too many lives were lost in a shipping disaster that questions an industry lacking in regulation and safety standards.

Costa Cruises, owned by Carnival Corporation, say that Captain Shettino lied to the company and the ship's crew regarding the escalation of the incident. The confrontation between the Captain and the owners of the ship continues as the Captain has told the investigators that the company had instructed him to bring the ship close to the shore in a manoeuvre known as a "salute" to greet the people on the island. Records of the judge's statement in the hearing say that the Captain had "a total inability to manage the successive phases of the emergency".

Was there a crisis management and recovery plan in place? I think not. There seemed to be a breakdown in communication with passengers from ship to shore. Carnival's CEO Micky Arison took five days after the crisis unfolded to tweet - "I gave my personal assurance that we will take care of each & every one of our guests, crew and their families". This was included with a link to a Carnival press release promising to look after passengers. Then there were news reports that the cruise survivors have been offered a 30% discount on future cruises as part of possible compensation - a very insensitive approach to passenger relations.

The company was quick to blame Captain Shettino, but even if he was responsible for the incident, what controls and governance were in place to prevent the disaster occurring in the first place?

Six weeks after the Costa Concordia capsized, there was a major generator fire on the Costa Allegra in the Indian Ocean with a complete loss of power, sewerage, running water and air-conditioning. Helpless passengers waited days as they were towed to the Seychelles, fearing pirate attacks. There were no casualties.

The court of public opinion will decide on the future of the Costa brand but the centenary of the Titanic next month will show that little has changed in 100 years of luxury cruise ship accidents.