A special guest post by Global Security Consultant and Political Risk Expert, Paul Crespo. This is the seventh post in the series.
Global companies today face a variety of serious risks that range from political disturbances, terrorist bombings, supply chain disruptions, natural disasters and cyber-attacks, to the kidnapping of key executives.
Any of these threats can create corporate crises that can seriously damage your company’s operations, reputation and even existence. Even worse are the threats we don’t foresee or predict – potentially catastrophic Black Swan events like 9/11.
Depending on the country where it occurs, a corporate crisis can also be severely compounded by language and cultural differences that will magnify the confusion and multiply the damage. How your company handles a crisis can make or break its future. So, what can your international company do to prepare for a crisis?
Below are 3 key steps to take before a crisis explodes:
1. Identify Threats & Vulnerabilities
- Risk Assessments are conducted to identify threats and vulnerabilities and the likelihood of an event arising from them. Think outside the box. Prepare for worst case scenarios. If your company is prepared for the worst, it will better handle lesser crises.
- Business Impact Analysis (BIA) is conducted to identify critical business functions in the company and their potential vulnerabilities to different crises. This will help create plans to maintain, or quickly recover, these critical functions during a crisis.
2. Develop Strategic Plans
Once risks, vulnerabilities and critical functions have been identified and prioritized, your company should develop strategies to mitigate the risks, and then make plans to face and manage a crisis. These plans should include:
- Crisis Management plan to provide specific guidance to respond to a given crisis. It should include forming a Crisis Management Team (CMT) directed by senior management and composed of representatives from key business areas, as well as procedures to follow before, and during a crisis.
- Crisis Communications plan to communicate promptly, accurately and confidently during an emergency and its aftermath. It should identify a primary crisis spokesperson and all audiences (internally and externally) needing to be reached with information specific to their needs.
- Business Continuity Plan (BCP) expands on the BIA and Crisis Management plan to help manage any business disruption caused by the crisis, and ensure critical business functions are maintained throughout.
3. Train, Test & Update
Plans and systems can only be assured if staff is properly trained, and plans are tested. Your company should therefore regularly conduct:
- Training for crisis management, business continuity and crisis communications teams to ensure all personnel are prepared to do their jobs.
- Tests and exercises to evaluate staff, systems and plans. These tests should include crisis simulation exercises to test corporate responses to different crises. Simulations can be desktop exercises or full-scale “real-world” scenarios.
- Lessons learned from these evaluations should be used to constantly update and improve all plans and systems.
Conclusion
This is only a snapshot of things to consider, but if your company properly evaluates the threats, plans appropriately, trains its people, and tests and updates its plans and systems – it will be better prepared to deal with almost any crisis.
————-
Industry and government best practices:
* ASIS International: Business Continuity Guideline
* Federal Emergency Management Agency (FEMA)
————-
Be sure to read the other posts in this series:
Cyber Attack – 3rd Biggest Threat to International Business
How Secure are U.S. Businesses in Mexico?
Brazil’s Mega Events: Risks for International Businesses during the World Cup and Olympics
Surviving a Kidnapping: How Your International Business Should Respond
11 Ways to Avoid Getting Kidnapped While on Business Overseas
Political Risk Insurance: Why Your International Business Must Have It
________________
Paul Crespo is a global security and political risk expert. A Senior Consultant with Trident Crisis Management Group, he has appeared on Fox News, CNN and other major TV news venues. He has varied experience in corporate security, kidnap and ransom negotiations, intelligence and diplomacy as well as military operations in hotspots from the Balkans to the Persian Gulf. A former officer in the US Marine Corps he was also assigned to the Defense Intelligence Agency (DIA) as a military attaché and posted to several US embassies overseas. Paul graduated from the Georgetown University School of Foreign Service, and has a Masters degree in War Studies from Kings College, University of London, and a Masters degree in International Relations from Cambridge University in the UK. Paul Crespo can be reached at pcrespo@tridentcmg.com