When was the last time you sat down with different members of your team or staff to identify risks that leave your organization vulnerable? When was the last time you looked at the risks you’ve already planned for and determined whether or not those risks have evolved or changed?
As technology, social media and the online world continue to evolve, unfortunately, so do the risks that leave your organization vulnerable. Spending time on a regular basis making sure that these risks have been assessed, prevented where possible and planned for where unpreventable should be an important part of your risk management and business continuity strategy. (And hey, this can be an informal luncheon brainstorm session that takes place every quarter. It doesn’t have to be a stuffy-take-time-out-of-your-work-day-meeting that no one looks forward to!)
Don’t think your crisis plan has blind spots?
Don’t think this applies to you? Let me throw three common crisis scenarios at you and you can reflect on whether or not your team is prepared for each of them – and don’t assume you know the answer, actually go and find out!
Risk 1: Becoming the victim of a defamation attack
An absurd amount of businesses, of all different industries and sizes, are losing reputation and major revenue from well planned and highly impactful defamation attacks. These attacks can and do come from anybody – from angry customers to unlawful competitors – and require legal and crisis communication expertise to manage.
If you were to become the victim of a defamation attack, does your legal department know the best practices for dealing with internet defamation (i.e.: When to send a cease and desist letter and when not to; how and when to get a court order to have the search engines remove the content; etc.)? Is your legal department prepared to work in conjunction with your IT and communication departments to help protect the organization’s reputation and legal rights? What if you don’t know who’s responsible for the attacks? Do you have a cyber-investigation company on speed dial?
Risk 2: Technology and the internet leave us all vulnerable to being hacked
When it comes to technology, we can never be too safe. Just look at what happened to Target and Home Depot. But hackers may not only be after your credit card systems. Who does your company newsletter get distributed to? If it were hacked, could it present some serious threats to your reputation? What about your email system?
How safe and secure are these commonly used and often under-looked direct means of communication? Do you have systems in place for keeping your platforms, data and proprietary information locked down and secure? Additionally, if you were to fall victim to a hack, how long would it take your team to notice and are they confident and secure on the actions that need to take place – extremely quickly – to further protect the organization’s data, and to communicate with the right stakeholders to protect the organization’s reputation?
Risk 3: A lack of bandwidth can leave you without a crisis communication home base
If a viral crisis were to strike and hundreds (or more) of people were to navigate to your corporate website for more information, would your website crash due to an overload of traffic? Have you worked with your IT department to make sure that your website has enough bandwidth to hold an influx of traffic in times of emergency?
Risk assessment sessions should be regular practice – and should be fun
There are so many areas in which technology and the internet leave us vulnerable. It’s up to you and your team to stay on top of these risks and to continually make sure that you don’t get blindsided.
Having a strong team that meets regularly to protect the organization from risks and threats should be part of your business continuity and risk management plan. But like I said above, these meetings don’t have to be stiff and boring. They can be lose and enjoyable, with a focus on team building and risk management.
Reminder: When you’re assessing risk, it’s important to remember that if you can think it, it can happen. Therefore, no idea is invalid or not worth exploring.
Who should be involved in this exercise?
Every member of your team has a different relationship with your brand and its stakeholders. Therefore, the more people you involve in this exercise, the better the brainstorming session you will engage in. Heads of the following departments are worth considering to include within these sessions:
- Board of directors / Executive team
- Marketing / Pr / Communications
- Legal
- Customer service
- IT
- Manufacturing / Production
- Operations
One last thought
If crisis prevention is the best form of crisis management (because it is), what are you actively doing to prevent crises?
Author of Crisis Ready: Building an Invincible Brand in an Uncertain World, Melissa Agnes is a leading authority on crisis preparedness, reputation management, and brand protection. Agnes is a coveted keynote speaker, commentator, and advisor to some of today’s leading organizations faced with the greatest risks. Learn more about Melissa and her work here.
Risk assessment and crisis management are must-have skills as a PR professional. In order to effectively prevent or solve a crisis, we must constantly monitor and connect with those social media platforms relevant to our companies. Even if there's something bad happens, the constant engagement with social media will help us develop a solution in a short time to reduce the bad impact on reputation. Besides, having a group of experts from departments of IT, marketing/communication, customer service, etc. to predict the possible crisis and its relevant solution in advance or to assess the risk of a crisis and develop a solution is important for the rebuilding and maintenance of a company's reputation.