Computer Science

Principles of Incident Response and Disaster Recovery, 2nd Edition

Chapter 12

Crisis Management and International Standards in IR/DR/BC

1

1

Objectives

Describe the role of crisis management in a typical organization

List recommendations for the creation of a plan preparing for crisis management

Discuss issues in dealing with post-crisis trauma

Explain the process of getting people back to work after a crisis

Describe the impact of the decisions regarding law enforcement involvement

Principles of Incident Response and Disaster Recovery, 2nd Edition

2

2

Objectives (cont’d.)

Discuss how to manage the crisis communications process

Explain how to prepare for the ultimate crisis in an organization through succession planning

List and describe key international standards in IR/DR/BC

Principles of Incident Response and Disaster Recovery, 2nd Edition

3

3

Introduction

Most critical asset: people

Employees, vendors, customers, or neighbors

Crisis response

Often overlooks steps to preserve people

September 11, 2001 attacks

Reinforced notion that people cannot be replaced readily

Such catastrophes set new benchmarks

Disaster management plans

Prepare organization for the impact of loss of people

Principles of Incident Response and Disaster Recovery, 2nd Edition

4

4

Crisis Management in the Organization

Crises arrive at organizations

Whether expected or not

Whether or not contingency plans and crisis management preparations in place

Principles of Incident Response and Disaster Recovery, 2nd Edition

5

5

Crisis Terms and Definitions

Institute for Crisis Management (ICM) crisis

Business crisis: significant business disruption

Direct impact on the lives, health, and welfare of an organization and its employees

Typically caused by the same events that cause incidents and disasters (natural and man-made)

Critical difference: potential impact on lives

Principles of Incident Response and Disaster Recovery, 2nd Edition

6

6

Crisis Terms and Definitions (cont’d.)

Crises studied by ICM

Result from management not taking action when informed about a problem that will eventually grow into a crisis

Two types

Sudden crisis

Operations disrupted without warning

Smoldering crisis

Problem or situation not generally known inside or outside the organization

Principles of Incident Response and Disaster Recovery, 2nd Edition

7

7

Crisis Terms and Definitions (cont’d.)

Crisis management (CM)

Set of actions taken in response to an emergency situation in an effort to minimize injury or loss of life

Emergency situation: isolated or widespread

Emergency response

Actions taken to manage immediate physical, health, and environmental impacts resulting from an incident

Crisis communications

Steps taken to communicate what is happening or has happened to internal and external audiences

Principles of Incident Response and Disaster Recovery, 2nd Edition

8

8

Crisis Terms and Definitions (cont’d.)

Humanitarian assistance

Actions taken to meet psychological and emotional needs of various stakeholders

Crisis management planning (CMP)

Process of preparing for, responding to, recovering from, and managing communications during a crisis

CMP process emphasis

Planning function during the “preparing for” stage

Primary guiding document

Crisis management plan (CM plan)

Principles of Incident Response and Disaster Recovery, 2nd Edition

9

9

Crisis Misconceptions

Majority of business crises are sudden crises

Reality: significantly more smoldering crises than sudden crises

Crises most commonly the result of employee mistakes or acts of nature

Reality: mostly the direct or indirect result of management actions, inactions, or decisions

ICM crisis categories

Failure of management controls occurs most

Principles of Incident Response and Disaster Recovery, 2nd Edition

10

10

Principles of Incident Response and Disaster Recovery, 2nd Edition

11

11

Preparing for Crisis Management

Crisis management prepared similar to IR, DR, BC

Managers deal with crisis regularly

Small and innocuous or large and catastrophic

Successful executive management

Deals successfully with crises

Results from careful planning executed decisively to deal with issues quickly before harm comes to the organization

Promotes strategic organizational objectives

Principles of Incident Response and Disaster Recovery, 2nd Edition

12

12

General Preparation Guidelines

Tips to improve CM processes

Build contingency plans, identify teams, train staff, and rehearse scenarios before a crisis occurs

Verify staff members know that only designated crisis management team members represent the company

Plan to react as fast as possible

Ensure you have highest quality plans and processes

Always give complete and accurate information

Adopt the long view and consider long-term effects

Principles of Incident Response and Disaster Recovery, 2nd Edition

13

13

General Preparation Guidelines (cont’d.)

Excuses offered for not being prepared

Denial

Deferral or low prioritization

Ignorance

Inattention to warning signs

Ineffective or insufficient planning

Preparation for CM

Follow multistep process used for IR, DR, and BC

Principles of Incident Response and Disaster Recovery, 2nd Edition

14

14

Organizing the Crisis Management Team

CM planning committee

Gathers information; lays out future plans

CM planning team

May become the CM operations team

Representation from impacted areas and a champion

CM operations team (CM team)

Staff members engaged in actual response

CM team members: team leader, communications coordinator, emergency services coordinator, others

Head count: process of accounting for all personnel

Principles of Incident Response and Disaster Recovery, 2nd Edition

15

15

Crisis Management Team Planning Preparation

Questions stimulate conversation

What kind of notification system do we have or do we need? Is it automated or manual? Is it able to reach all employees or just management and the crisis team during business hours and after business hours? How long does it take?

Do we have an existing CM plan? If so, how old is it, and when was it last used or tested?

What internal operations must be kept confidential in order to prevent embarrassment or damage to the organization? How are we currently protecting that information?

Principles of Incident Response and Disaster Recovery, 2nd Edition

16

16

Crisis Management Team Planning Preparation (cont’d.)

Questions stimulate conversation (cont’d.)

Do we have an official spokesperson for the organization? Who is our alternate?

What information should we share with the media if we have a crisis? With our employees?

What crises have we faced in the past? What crises have other organizations in our region faced? In our industry? Have we changed how we operate as a result of these crises?

Answers provide foundation for shaping the CM plan

Answers assist team organization, initial strategies

Principles of Incident Response and Disaster Recovery, 2nd Edition

17

17

Crisis Management Critical Success Factors

Leadership

Leaders influence employees

Managers administer resources

Leadership skills

Ability to multitask; rational under pressure

Can express empathy

Uses quick and effective decision making

Able to delegate and use good communication

Ability to prioritize

Principles of Incident Response and Disaster Recovery, 2nd Edition

18

18

Crisis Management Critical Success Factors (cont’d.)

Speed of response

If CM plan becomes mobilized in the first hour

Then highest probability of coming out of the crisis with minimal impact exists

A robust plan

Clearly defined, rehearsed, and managed

Provides best possible chance of surviving a crisis

Principles of Incident Response and Disaster Recovery, 2nd Edition

19

19

Crisis Management Critical Success Factors (cont’d.)

Adequate resources

Access to funds (cash), communications management, transportation, legal advice, insurance advice and service, moral and emotional support, media management, effective operations center

Funding

Spend what you need, when you need it

Employee assistance programs, including counseling

Travel expenses and employee overtime

Replacement of employee property

Compensation for the injured

Principles of Incident Response and Disaster Recovery, 2nd Edition

20

20

Crisis Management Critical Success Factors (cont’d.)

Caring and compassionate response

Need people skills and demonstrate an understanding of employees personal issues

Provide comfort items

Excellent communications

Keep employees, community, and media informed of events and efforts

Have key personnel undergo media training

Know your stakeholders; keep them apprised

Tell the truth; have information ready to distribute

Express pity, praise, and promise

Principles of Incident Response and Disaster Recovery, 2nd Edition

21

21

Developing the Crisis Management Plan

Document specifying roles and responsibilities of individuals

Purpose

Identify individuals to whom the document applies

Crisis management planning committee

Identifies the individuals by name or by position

Defines difference between the planning committee and the operating team

Principles of Incident Response and Disaster Recovery, 2nd Edition

22

Order now and get 10% discount on all orders above $50 now!!The professional are ready and willing handle your assignment.

ORDER NOW »»