A new angle on crisis management
It’s an unfortunate sign of the times that a new year often brings more trepidation about an unknown future than excitement about new possibilities and opportunities. If this is true on a personal level, it may be all the more so for businesses.
A recent study by Deloitte UK, in collaboration with Public Health England and King’s College London, looks at how prepared organizations are for a crisis from a different perspective: how willing are your employees to put themselves at physical risk – think bio-terrorism or a natural disaster – and come to work to do their jobs? One key finding is that in certain severe but realistic scenarios, more than half the respondents say they may not be willing to come to work. And the figure is much higher when the scenario is more extreme.
The study, titled ‘Willing and able: building a crisis-resilient workforce’, lays out a handful of recommendations for how organizational leaders might strengthen their employees’ willingness to work during a crisis, including embracing an inclusive approach that invites employees into the process of developing a crisis response plan, which enables leaders to better understand employees’ concerns about risks.
The survey results are from more than 300 respondents to an online survey that includes employees from the public and private sectors in key national infrastructure segments in the UK, such as financial services, energy and health. To make better sense of the results, the researchers, in addition to getting online responses from employees, created eight scenario-based focus groups to examine variations among the responses and conducted a systematic review of 65 related studies.
Given the news, it’s no surprise that the two biggest drivers of companies’ concern about crisis management over the past year are cyber-threats and terrorism, or workplace violence. But the motivating factors are cyclical, says Rhoda Woo, US leader for crisis management at Deloitte. ‘A year ago, clients were worried about ebola. Clients are worried about whatever’s not in their comfort zone: health issues, safety issues. Some companies are very good about physical security, but the bank operating in midtown Manhattan doesn’t think about security and terrorism. So it’s whatever’s not in the firm’s core competence that gets its attention.’
The Crisis Resilient Workforce Model created by the researchers proposes that employees are more willing to return to work during an extreme event if they see the organization’s recovery as critical for society as a whole and if they view their role as important to their organization’s response to the crisis. The model also asserts that risk perception plays a key role in employees’ willingness to return to work, as do interventions by the organization, including such incentives as transport, childcare, healthcare and psychological counseling if needed.
The people responsible for planning and ensuring their organization is prepared for a crisis need to know where to get authoritative information and how it will be communicated, so that the plan can be implemented in a crisis.
Much of the work on crisis preparedness Deloitte is doing for major clients has been requested after a cyber-breach or after seeing how a breach has affected a competitor, Woo says. ‘Some of it is good governance,’ she says. ‘They’ve done a good job already at looking at risk management. Crisis management is the next step after risk management because risk management is a longer horizon view, looking more at the strategy. But there’s something about crisis management that is super-tactical and super-operational in nature, that risk management is not.’
Thinking through very specific questions such as, ‘Have I identified all my risks?’, ‘If something actually happened, do I even have people’s phone numbers?’ and ‘Do I know who to call at the Centers for Disease Control and Prevention?’ is part of the very detailed work crisis management entails. Organizations’ boards are increasingly asking senior executives whether they have crisis management programs and for descriptions of them, after reading about other companies doing crisis simulations or seeing what other firms whose boards they sit on are doing in this area.
The three best practice recommendations Woo has for the C-suite are:
1. Agree on a definition of what specifically constitutes a crisis.
2. Because a crisis organization is really a virtual organization that isn’t needed when you’re not in a crisis, design the organizational structure beforehand. It’s too late once you’re in a crisis to decide who should be on a call, who should lead a specific effort, and who should be second in command.
3. Devise a plan and some processes. You don’t need a super-specific plan, because if it’s a big enough crisis you should be able to use the same plan.
One interesting point in the Deloitte study concerns different levels of willingness to stay at work during a bio-terrorist incident between emergency responders (95 percent) and local media workers (71 percent). The disparity may indicate less about workers’ perceptions of how vital their jobs are to the response and more about the higher likelihood that those who work in a role requiring preparation for a crisis will have been educated on the actual risks and may be able to make a better informed judgment, the report explains.