Why do organisations that know a crisis can cause intense damage to reputation and value take so few steps to prevent crises from happening in the first place? This is one of the perplexing questions of contemporary management.
One important element in this riddle is that many organisations simply fail to appreciate the difference between tactical crisis response and strategic crisis management, and thus miss the critical prevention phase. Importantly this is not a just a matter of semantics and definitions. How an organisation approaches crisis management can represent a genuine threat to survival. The reality is crisis response and crisis management are not the same thing, and that distinction lies at the heart of the modern approach to crisis management.
The traditional response approach is simple and effective in a limited way. It prepares the organisation in the event a crisis occurs, and helps it respond as effectively as possible to minimise the damage. This has been called the Event Approach – treating a crisis as an event you prepare for and then respond to. By contrast the emerging, more strategic approach represents a crisis not so much as an event, but as a point along a process which begins long before the crisis, continues through preparedness and prevention, works through managing the event itself, and then addresses the many organisational risks which develop after the event. This so-called Process Approach is undoubtedly one of the most important recent evolutionary developments in crisis management, bringing an increased focus onto two previously underdeveloped areas.
The first of these areas is crisis prevention. Conventional crisis preparedness is vital – including key activities such as crisis management manuals, team selection and training, pre-prepared contact lists and written materials, and a variety of simulations and training. However none of these activities helps reduce the likelihood of the crisis happening in the first place. They are like the insurance the homeowner takes out against fire and burglary. The insurance policy itself does nothing to reduce the chances of fire or burglary. It simply provides the homeowner with some financial protection, paid for in advance. But responsible homeowners do more than just take out insurance. They install smoke detectors, fire alarms, intruder alarms and CCTV, plus double locks on doors and windows. It is these steps which go beyond passive insurance (crisis preparedness) and add proactive steps to reduce the likelihood of disaster happening on the first place (crisis prevention). Obviously no astute homeowner would do one without the other.
In exactly the same way, the Process Approach to crisis management calls for organisations not just to put traditional crisis preparedness in place but also to implement a wide range of proven activities to prevent the likelihood of the event occurring. These might include environmental scanning, risk analysis, media monitoring, issue management, and preventive maintenance, as well as effective emergency response (because an emergency badly managed has the potential to become a crisis).
None of these activities is fresh or original. What is new is explicitly positioning them within the context of crisis prevention as part of a continuum of organisational activities which constitute comprehensive crisis management. It helps explain the value of strategic crisis management as opposed to tactical crisis response.
The second underdeveloped area highlighted by the modern Process Approach is the need for a much more complete view of what happens after the crisis. The traditional Event Approach focuses primarily on getting back to “business as normal” as quickly as possible. This business continuity or operational recovery model typically has a strong emphasis on tactical matters such as restoring power, water and other utilities, as well as protection and restoration of data, communication, and other IT capacity.
Again, such activities are vital, but the Process Approach to crisis management emphasises that the crisis risk is not over when business resumes. This period is sometimes called the “crisis after the crisis” and can represent an even greater risk than the crisis itself, particularly the risk to reputation. These ongoing risks may take the form of official inquiries, coroner’s inquests, prosecution, costly litigation, adverse regulation, or shareholder backlash. When the crisis event itself is seemingly over it is very natural for executives to want to move on as quickly as possible. But the dangers in the post-crisis period are very real and have all too frequently led to the downfall of senior managers and even entire organisations.
There is, sadly, an extensive body of case studies and research which spells out the disastrous impact of a crisis on reputation, long-term share value, and the chances of corporate survival. While nothing can guarantee that a crisis won’t strike and potentially deliver these impacts, the Process Approach offers practical steps to reduce the chance of a crisis in the first place, to minimise damage should a crisis occur, and if a crisis does occur, to help the organisation survive.
Headline image credit: Highway at night. CC0 via Pixabay.