An effective response to a crisis requires preparedness. However, many still find themselves inventing a response in-the-moment and focusing on being good firefighters. Leading organizations focus on preparedness as the ability to avoid, adapt and mitigate the fire, and only then accept that being the best at response is a competitive advantage compared with peers. Organizations need to understand what to look for in preparedness — both internally and externally. What are the signs to be recognized that indicate the worsening of a situation or the thresholds at which a full response is necessary?
Recognize the broad spectrum of potential crises
The best response to a crisis is to not let it become a crisis in the first place. This requires organizations to fundamentally reframe how they think about crises. “Given the speed and intensity of crises today, there is little sense in asking: How do we get ahead of the constant stream of crises? Instead, leaders should reframe the question as: How do we become adaptive and confident to navigate in a crisis-filled world?” states Katharina Weghmann, EY ESG Leader, Forensic & Integrity Services.
Organizations will want to begin by assessing their value chain to anticipate areas that could lead to a crisis. Like any risk assessment, a crisis assessment should identify where along the value chain the biggest risks lie. For some, it could be supply chain. For others, it may be data privacy or cybersecurity.
Active 24-hour threat monitoring can also help to detect, prevent and deter — both constant and temporary — hidden and creeping crisis threats. With a robust threat-monitoring program in place, organizations can evaluate the threat landscape on an ongoing basis to determine where and how to prioritize resources, and how to shift priorities as potential crises increase — either in likelihood or impact. Use of real, or realistic, threats often provides the best way to road test current plans and organizational capability.
Ready the organization for crisis management
Once the organization has an idea of the potential crisis threats, it can begin to develop a strategy for responding. This should include establishing, or reviewing and updating the crisis governance policy, frameworks and crisis playbooks that provide leadership, and operational guidance around specific crises and business unit impacts — to facilitate agility and the ability to pivot when needed as the crisis evolves. Wherever possible, many of the big decisions can be pre-empted within the playbook and agreed ahead of time, when debate and clarity do not distract from the speed required in the heat of response.
To this end, organizations will want to run an exercising program, including simulations for a broad spectrum of potential crisis events, to help business functions understand the threats and refine how teams would react, while updating the playbook to reflect key learnings. These will integrate and build end-to-end capability over time, reinforcing the top-to-bottom links and relationships critical to a successful response.
Organizations also need to make principled, conscious choices about where to focus their investments first — based on good horizon scanning. Some investments can offer relatively low-cost solutions that give the organization more opportunities to pivot during a crisis. These solutions can be premade and available whenever the organization needs them, when suitably considered and assessed during planning.
Respond to crises with integrity
Crises can be ambiguous, which is challenging for people. It is hard to pre-plan and manage in situations that are, by their very nature, uncertain. Crises can be made even more difficult because of crisis events being both global and local, across multiple time zones, with differing legal and regulatory ramifications, and with resultant customer and supply chain issues. The complexity can increase when such events require a focused response to specific audience and stakeholder needs.
With a playbook in hand and the crisis leader mobilized, organizations should have the tools to respond. However, they may also want to rely on a team of trusted advisors to help them navigate the legal, regulatory, public relations, communication, environmental, supply chain, HR, data and technology, tax, and all other aspects of a crisis. The scale of addressing all these challenges often surpasses the resources within the organization, and skilled crisis facilitation becomes a valuable commodity which can be planned in and integrated from external advisors.
During this phase, organizations must continue to live by the values of the organization and what it stands for. It can be easy for organizations to divert from their values when under duress.
Equally, organizations need to recognize the emotional and physical toll that crises take. Organizations do not respond and then go back to business as usual. Crises are both organizationally and individually fatiguing. Organizations are not designed to operate in a crisis for any length of time.
“I’ve seen clients that have a plan to deal with the crisis. But in the center of the storm, there’s no coordination of how to actually react. This can lead to mismanagement, serious cost implications and the loss of highly valued talent all because the emotional toll of a poorly executed response was enormous,” says Brenton Steenkamp, Lead partner, Forensic & Integrity Services.”
Recover and reflect on crisis management lessons learned
Once the immediate crisis has passed, the organization will need to flip into recovery mode. This may include harnessing the experience of the crisis to strengthen or reinforce response plans and to improve agility. Recovery may be an opportunity to emerge stronger than before and to reset priorities.
While organizations often rely on business continuity or resilience plans for recovery from disruption, true crises often present challenges that those plans have not anticipated in either scale or spread. It is useful to use the prior planning stages to challenge the underlying assumptions in recovery capabilities and ensure that they really match organizational need.
“The impact of a crisis invariably may cast long-term implications for organizations. In Southeast Asia, suppliers that are dependent on international markets are particularly sensitive to crises because of the cascading impact they can have,” says Ramesh Moosa, EY Asean and Singapore Forensic & Integrity Services Leader. “The imposition of sanctions, import restrictions or the termination of a contract by a major client due to any adverse media publicity can quickly topple all its businesses in other markets and with key clients. The road to recovery in these instances tends to be long and it is crucial to act on the valuable lessons that have been learned.”