Every organization faces risks – and some of those risks may result in disruptions or other ‘incidents’. An effective response to an incident requires many things. We’ve combined them into a 5-part “Incident Horizon”: Planning, Preparedness, Initial Response, Planned Response and Extended Response. In this blog we look at the composition of one of those phases of the Incident Horizon.
The Right Plans for the Situation
The larger an organization, the more likely it has many Plans. Not just a variety (Emergency, BCP, DR, Crisis Management, etc.), but a significant volume; dozens, perhaps hundreds of Business Continuity Plans. Determining which Plans to activate in response to a disruption of day-to-day operations can be a daunting task without an orderly means of linking Plans to the assets – locations, people, processes, technology elements, supply chain components – each is designed to recover.
At face value, a Plan designed to recover a facility (and all the assets housed within) would make selection simple. But, as already discussed in a prior article, as important as the initial is the ‘domino effect’ of one disrupted business process (for example) impacting other downstream processes.
Plans created to restore assets (rather than to respond to scenarios) enable Impact Assessments to determine the Plans which will directly address those impacted assets, making the Incident Management Team’s job simpler.
Interacting with Responders
When activation of multiple Plans us required, communication and collaboration become increasingly important. Notifying Responder Teams is important but enough. Interaction between the Incident Management Team (IMT) and Responder Teams (locally, geographically separated or “in the field”) must be two-way communication, not simply missives from the IMT.
Once activated, the IMT will wish to provide those Responder Teams with strategic guidance, and point them toward the goals to accomplish that strategy In return, those Teams will need to communicate milestones as they accomplish them – so the IMT will be able to monitor the recovery progress. Is a Team nearing its RTO target – or is it falling behind the expected schedule? Have they completed a task on which some other Team’s Plan depends? There could be dozens of Plans activated simultaneously. Providing the IMT with the ability to monitor Plan progress and understand their status will be critical to the success of the Response. That requires organization and advance planning.
No matter how thoroughly Plans have been created to recover specific assets, nor how frequently they’ve been tested, problems and issues are certain to arise. Those Responder Teams also need a pre-determined means to report issues; the IMT needs protocols to respond to those issues.
Multi-level Communication
The ability to project messages (one-way communication) is nonetheless important. During the course of an Incident there will be reasons to provide information to a variety of audiences.
Even when “crisis communications” is assigned to a separate (and presumably well-trained) team, the IMT will be the chief provider of facts for those communications.
In many cases, the Incident may not impact everyone. Those who are not immersed in the recovery process will still need to be kept informed. This is especially true if executive staff members are not part of the IMT. The business of the organization must continue – and senior managers will be hungry (perhaps ravenous) for status updates. If (as discussed in an earlier article) the IMT is not prepared to ‘push’ information to them, those executives will tie up valuable phone lines searching for updates.
The same is true for other staff members who are not directly impacted. Lack of communication will be perceived as “nothing is happening”. That’s how rumors start (and perpetuate). A separate Team may handle internal communications, but the IMT will still be the primary source of accurate information.
A Business Continuity Management program can develop the intelligence and preparedness to enable Responders at all levels to take action quickly, while leveraging their Plans and training to make a measured, and sustainable, response. No Emergency Operations Center should be chaos. With the right amount of planning, preparation and exercise it won’t.
