No matter the crisis, belated planning is a recipe for disaster. Crisis and business continuity teams won’t have sufficient time to revisit untested plans, let alone build new ones from scratch.
Instead, companies should start putting plans and playbooks in place to manage the effects of disruptive incidents, especially those most likely to occur in their line of work.
This latter point is key. Businesses can’t plan for everything. They should, however, take stock and forecast likely scenarios in their industry. Crisis and Business Continuity teams should also perform vulnerability audits of internal risks, information gathered from which will go into plans and playbooks.
Crises growing in kind, cost, and intensity
Even before the pandemic, a Deloitte Insight Report found that 60 per cent of crisis leaders said their firms faced more crises than they did ten years ago. A staggering 80 per cent had to mobilise their crisis teams at least once between 2016 and 2018.
The numbers suggest that Australian businesses can no longer afford to wait for crises to wash up on our shores. For one, the financial toll is devastating. Add to that, the risk of post-crisis closure is high. Businesses need to prepare for the inevitable while keeping staff safe and productive.
Start planning today
The COVID-19 crisis revealed a lack of scenario planning. A Blankrome COVID-19 Employer Survey Trends Report found that more than 70 per cent of businesses lacked pandemic-specific emergency plans, ignoring an important lesson learned from prior public health crises, SARS and H1N1.
Building resilience necessitates having tailored plans of specific depth to prepare, respond, and recover from likely scenarios.
How to go about it:
Assemble a well-rounded crisis planning team. In larger businesses, this should include cross-functional representatives from Communications, IT, Legal, Operations/Facilities, Finance, Safety, as well as key suppliers, your Board, and C-Suite. In public health crises, particularly, Legal and/or Compliance representation is important. During pandemics, businesses usually operate under a new set of rules and regulations set out by their jurisdiction and relevant health authorities (local, state, and federal).
Of course, planning for other crisis scenarios might also have a legal compliance element, like data breaches in jurisdictions with data privacy regulations. Similarly, any scenario that poses a safety or security risk to workers (bomb threat, active shooter, etc.) will have a knock-on effect on employer duty of care obligations.
Re-enable supply chains so that critical resources come in and get out. The COVID-19 crisis highlighted the vulnerability of global supply chains. But those vulnerabilities aren’t just pandemic specific. And so, a scenario plan that covers supply chain will go a long way towards mitigating risk.
As part of that effort, organisations should commit to doing due diligence on their entire supply chain, including tier-two suppliers and beyond. Pieces of information garnered from those risk assessments should then be stored in digital crisis and business continuity technologies that organisations will use during the response and recovery phase of a crisis.
Mandatory lockdowns are staple public policy interventions to contain the spread of pandemic influenza. But there are any number of crises that will force workers to evacuate their offices. For those individual scenarios, organisations will have to consider keeping employees at home, which means making the necessary technological investments to support remote work.
Ensure a safe return to work for scenarios where lockdowns become mandatory. To this end, businesses should be involved early on in safe reopening operations, factoring in enhanced cleaning, disinfection, and ventilation protocols and other considerations. Leaders should also be prepared to disseminate regular, high-quality information to employees about their decision to bring staff back well ahead of time.
Then there’s the question of who to bring back when. Businesses who shift to an entirely remote workforce during a crisis might consider a staggered return to the office to limit continuity and availability risk if the safety threat lingers.
Invest in affected worker case management to reintegrate any affected employees back into the office setting. In the case of a public health crisis, business leaders should consider acting as a public health authority, performing contact tracing on its own employees who were potentially exposed to the disease, and mandating that they quarantine for the approved period of time.
Of course, these measures only scratch the surface of what it takes – the sheer know-how needed to ensure resilience in this age of escalating crises is mind boggling. Luckily, you don’t need to know everything. Libraries of best-practice content about responding to and recovering from various crisis scenarios exist in abundance. And so, we recommend investing in digital solutions that have already done the hard work of operationalising that cumulative knowledge in a secure platform.
You can’t outrun crises. But making digitised plans, checklists, and communications available to your crisis and business continuity teams, wherever they are, gives you a good chance to outsmart crises and keep staff safe and productive.