Practice Areas
Crisis Audit
The ability to learn faster than your competitors may be the only sustainable competitive advantage.
Ask yourself these questions:
- Is there an understanding of the corporate Crisis Management system?
- Are crisis responsibilities clear?
- Is Crisis Management included in statements and notions of corporate governance?
- Is Crisis Management included in strategic planning processes?
- Is management open to surprise and criticism?
- Is the Crisis Management capability supported by a dedicated budget?
- Is there a crisis/emergency procedures manual?
- Would the manual stand up to scrutiny in the event of a HSE or public enquiry?
- Are all possible stakeholders identified?
- Are contact lists current and is the manual up to date with correct names and telephone numbers?
- Are procedures regularly revised?
- When were procedures last reviewed?
- Do existing procedures address the identified risk profile?
- Are there legal and financial audits of threats and liabilities?
- To what extent can the organization detect a crisis at an early stage?
- Are there early warning sensors?
- Is there a system of scanning and issues management?
- Have the procedures in the manual been tested?
- Are instructions and assignments clear, current and rehearsed?
- Are there designated crisis/emergency teams?
- Has their response been tested?
- When were teams last trained/exercised?
- Was the response satisfactory?
- Was the team’s response measured against a competency standard?
- Does personal performance reporting include comment on crisis preparedness?
- Is the CMT/EMT room well equipped and tested?
- Are there direct silent numbers for the CMT?
- Are there dedicated phone numbers for recall and consumers?
- Are key executives media trained?
- In the event of an investigation can it be demonstrated that personnel are competent in emergency response as required by legislation?
- Are site teams trained/exercised?
- Are resources marshalled to cope with adversity?
- Is outside help lined up and available on short notice?
- What if buildings were destroyed, damaged or isolated?
- Is there a corporate kidnap/extortion policy?
- Does the company know its own corporate history?
- What is the risk of major business interruption in the next 12 months?
- What are the impacts and are there contingency plans?
- Is site security viewed as a major issue or potential threat?
- Is psychological support and stress management available to employees?
- Is there a critical follow-up of past crises?
- Does change happen easily in the organization?
- How well prepared has the organization been for the crises it has experienced?
- Which crises is the organization currently prepared for and why?
- Which possible crises has the organization neglected and why?
- What key assumptions has the organization made about why it should focus on certain possible crises and neglect others?
- Are the organization’s assumptions still valid? Why?
- Which additional crises should the organization prepare for? Why?
- Which preventative actions has the organization adopted/neglected?
- Is there a pattern in the preventative actions that the organization has taken? For example does the organization’s efforts tend only to incorporate technical solutions?
- Are there identifiable gaps in the organization’s use of preventative actions? What critical vulnerabilities might these gaps expose?
- In the organization, what are the biggest obstacles to preparing for a variety of potential crises?
- Across the organization are there systemic differences in the answers to these questions?
Validating Plans
- Is the plan relevant?
- Does the plan cover all the action required?
- Is the plan feasible?
- Are the resources available to implement the plan?
- Will the plan succeed?
- What needs to be exercised?
- Who needs to be exercised?
- Which type of exercise is most appropriate?