Crisis Communication, Business Continuity, And Risk Management

I recently recorded a podcast with Stephanie Balaouras, discussing the potential for increased collaboration between crisis communication, business continuity, and risk management functions. The strategies that businesses implement to manage disasters can mean the difference between bankruptcy and resilience... and we unfortunately see reminders of this on an almost weekly basis.

As each disaster hits the news (BP’s oil spill in the Gulf Coast, the recent volcanic eruption over Iceland, the financial crisis, the H1N1 virus, the extreme weather that crippled Washington, DC this past winter, etc.), the overwhelmingly negative impacts that occur start to hit home. Fortunately, we are starting to see our clients turning more to their crisis communication, business continuity, and risk management teams to ensure that they are prepared for the worst.

There are many potential points of collaboration between these teams. . . from modeling critical business processes and assessing the business impact of incidents to executing effective remediation plans and conducting post-incident loss analysis. Recently, I’ve also seen companies that talk about starting from scratch with a risk management function, although they have already done a substantial amount of relevant work for their business continuity function.

Of course, while there are some good trends that point to increased cooperation, there are still many areas for further improvement for every company. In fact, our data shows it to be the rare case in which both internal and external crisis communication functions are handled well in the same plan, with one usually being much stronger and more of a focal point.

If you are interested in learning more about this, I suggest you listen to this 15-minute podcast and check out some recent, related reports – Crisis Communication: Building An Effective ProgramStrengthening The Relationship Between Risk Management And Business Continuity, and Crisis Communication: Defining Roles And Responsibilities. These materials offer more in-depth analysis of some of our survey findings, which should help you assess how well you’re doing compared to industry peers.

As always, we look forward to any comments or feedback you may have.



Business Continuity - In the realm of risk...

Great article highlighting the need for everyone to have a much higher computer/data security awareness. Check a (free) blog, "The Business-Technology Weave" (can Google to it) - it reflects and counsels on exactly the subjects here - biz continuity, communication and risk management - in fact, the author's words are most potent, "In the realm of risk, unmanaged possibilities become probabilities." Very powerful, and really reflects what this article is saying. The majority of breaches are due to human error, therefore awareness and common sense are key, in supporting all necessary best practices. The blog author also has a book we use at work, "I.T. WARS" (you can Google that too). It has a great Security chapter, and others that treat security. Highly recommended. Great stuff.

The dancer from the dance

Chris -

Unfortunately I don't have access to the podcast, but I'm curious how a company can have a business continuity plan that does not incorporate a strategy for crisis communication or risk management. This post makes risk management, business continuity and crisis communication sound like they are independent endeavors, while I cannot see any functioning independently of eachother. Segmentation of this type seems like it would be to the detriment of each of them.

Thanks for the comment Erik.

Thanks for the comment Erik. For large enterprises, these three functions are practically always managed by three distinct teams, which is how it should be. As I mentioned, there is substantial overlap and opportunities for cooperation among them, but they are not the same (for example, crisis communications teams deal with public relations issues not relevant to business continuity, and risk management teams oversee many risk domains not related to business continuity).

The podcast and the blog post on which you commented point out that greater collaboration between these functions would be valuable. I'm not sure how you interpreted my comments as advocating independence, but I'm happy to explain further if you have additional questions.