While most organisations don’t need to use crisis communication every day, all organisations do manage risk daily – consciously or unconsciously, successfully or… not so much.
It doesn’t take much for a poorly handled risk situation to turn into a messy crisis scenario.
Organisations that invest in risk management communication planning have a much better chance of emerging from tough situations with their reputation intact.
Planning helps ensure risk scenarios that do arise are more likely to be handled sensitively, promptly and with clear communication.
Yet too many organisations don’t take the time to identify their major risk scenarios and end up scrambling for how to respond to them.
Good risk management communications planning is all about mitigating risks before they become serious problems.
Formalising the planning process helps organisations effectively anticipate risks and put in place procedures on how to communicate with stakeholders in a timely and transparent manner.
This can help minimise reputational or financial impact, protect business continuity and help build trust with stakeholders, whether they are customers, investors, employees, or the broader public.
For some industries, such as financial services or health care, this sort of planning is not a “nice-to-have”, but a key component of compliance to regulatory standards. This rigorous approach is advisable for any organisation in any industry.
A typical plan would include an overview of the organisation outlining key stakeholders and their preferred communication channels, clear definition of crisis roles and responsibilities, work and after hours contact details, and of course key messages and an action checklist.
Consider holding a risk management communications planning workshop facilitated by external specialists, at least annually. External experts can bring expertise and lateral thinking outside the sometimes blinkered internal organisational view.
This session must have buy-in from across the organisation – from the CEO, to the comms, legal, HR and operational teams who all have key roles to play in mitigating any risk situation.
It is best not to be too specific when scenario planning: look at the types of threats your organisation could face and create broad messages of what you’d need to get across.
Once you’ve pinpointed the major risk situations, it’s essential to have an honest discussion of how capable your organisation would be to handle this (if there are gaps, now’s the time to rectify them).
Discuss key stakeholders for each scenario, what sort of communication channels would be best to reach them quickly, and what clear processes, templates and resources should be created help deal with each situation.
“Holding” key messages that meet your needs can be put in place for each scenario, ready to be fine-tuned if that type of risk situation arises. It’s much easier to have this in place than to have to create them from scratch and get them approved and distributed in the heat of a crisis.
There could be scenarios very specific to your industry, but some common scenarios to brainstorm are: what crisis communication and actions should we enact if a board member or senior executive was accused of fraud? If a staff member was seriously injured at work? Or if a disgruntled customer waged a very public negative campaign against us?
As well as these and other perennial risks, there are emerging risk issues around digital and cyber threats and ESG (environmental, social and governance) impacts that should be workshopped.
Consider the different stakeholders you’d need to communication with. Are they all in one location or widely dispersed? What internal resources will be allocated to dealing with the risk situation? Think also about the logistics of how this risk management strategy would be implemented (what IT, media monitoring, phone hotline or other initiatives would you need to put in place?).
Consider competitors or voices of opposition who could take advantage of the situation, as well as which government entities (both politicians and bureaucrats) you might need to keep in the loop.
Don’t Set and Forget
A risk management communications strategy must be a living document, not just a hard copy manual that sits gathering dust in someone’s office.
Clear and current protocols for transparent and proactive crisis communication can help an organisation survive a reputational hit, so review your processes and scenarios at least annually.