.svg)
How can organisations respond to existential threats with clarity, confidence, and cohesion? Senior Associates Simon Harris and Hope Watson set out a 5-step crisis and issues management framework that centres on proactivity and preparedness.
Crises are, by definition, disruptive and often unpredictable. Yet while their timing is uncertain, their occurrence is not. At some point, organisations are likely to encounter an issue that requires careful navigation, and a swift, strategic response. Waiting until the eye of the storm to decide how to respond could result in a flawed response that might threaten the organisation further.
We recommend devising a crisis management plan using a robust 5-step framework, enabling organisations to respond to threats with clarity, confidence and cohesion.
Step 1: Establishing a baseline
Threats
Begin with a structured exercise to identify and map out potential threats.
These may include cybersecurity threats, customer service interruptions, economic volatility, threats to the safety of people or physical assets, product or operational issues, regulatory or governmental interventions, and workforce challenges.
By identifying potential issues, organisations can build an appropriate plan with the advantage of time.
Stakeholders
Equally important is the mapping of stakeholders to understand who may need to be communicated to in the event of a crisis. Organisations (listed or not) must understand their primary audiences – be they customers, employees, shareholders, media, regulators, or others.
Ensuring the right information reaches the right stakeholders at the right time and in the right way is essential.
Monitoring
Maintaining a clear understanding of your baseline is essential for effective risk management. By consistently monitoring, organisations can quickly identify shifts that signal emerging threats or the involvement of new stakeholders.
Step 2: Decision-making frameworks
Once potential threats and important stakeholders have been identified and regular monitoring established, a clear decision-making framework should be built.
Issues can be triaged through an escalation system. Internal governance must define which leaders are authorised to declare each level of crisis. For example, a gold-level crisis – one that could materially impact the future of an organisation – should only be able to be declared by identified leadership with clearly designated authority to do so.
Each level must have designated leaders responsible for declaring both the type of crisis and the organisation’s response.
Step 3: Roles and Responsibilities
Once you have established how decisions will be made, the next step is to define the roles and responsibilities within your crisis response team. Here, clarity is essential. Each member must understand their specific duties and decision-making authority.
Roles could include cross-function project management, threat monitoring and triaging, message development and deployment across channels, and internal/external stakeholder management. It is equally important that individuals are identified with responsibility for the post-crisis recovery at the same time. The aftermath of a crisis, and how it is dealt with, has the potential to impact reputation just as much as the crisis itself.
Maintain detailed and up-to-date contact lists so the team can mobilise instantly, enabling a rapid and coordinated response – consider hosting these on back-up digital channels.
"In high-risk scenarios, success hinges on having the right people in the right place. This is not just those who are part of your internal team, but also trusted external advisors – specialists in fields such as strategic communications, investigations, the law and cybersecurity – who can provide invaluable support and vital perspectives."
Step 4: Crisis Communications Plan
Well-crafted threat messaging is critical, serving as a foundation for any crisis response.
Insights from the threat and stakeholder mapping exercise must be integrated to help inform the creation of such multi-channel messaging. This will include holding statements (accounting for escalations) and a comprehensive Q&A to cover off the broad spectrum of potential threats.
While it’s difficult to predict an exact situation, these resources will allow teams to react more effectively in real-time, adapting pre-approved materials as required to address specific issues and audiences.
Step 5: Training and testing scenarios
Regular training and crisis exercises are essential to convert theory into action. These should be delivered to response team colleagues and other important stakeholders at least every six months.
Playbook materials and contact lists should be updated based on evolving risks and lessons learned during these training sessions. Internal safeguards and resilience measures can also be tested and strengthened.
Table-top exercises and crisis simulations are invaluable, ensuring teams are well-rehearsed and prepared to tackle threats with composure and precision.
A proactive approach
Issues and crisis preparedness is not a static discipline. Rather, it demands ongoing adaptation, collaboration, and vigilance.
"By investing in proactive planning, decision-making frameworks, and regular training, organisations can build resilience and safeguard their licence to operate."
In times of uncertainty, clarity of communication will help define the outcome. Organisations that embrace these principles will be well-positioned to navigate and defeat the threats they face.
- Simon Harris, Senior Associate, is a strategic communications adviser who helps high-profile individuals and global businesses to navigate and resolve high-stakes situations.
- Hope Watson, Senior Associate, is an experienced intelligence specialist with recent experience of large, complex and pan-jurisdictional litigation, involving complex open-source intelligence collection, rigorous analysis and network mapping.
