About Us Services News Room Careers
Contact Us Login
The Network  
Services
Home » News Room » News Archive » 

March 2004  |  Security Products

Download this Article [PDF]

Tips for Effective Emergency Communication: Planning for the Worst

By Bob Hayes and Tony Malone

Every business, no matter how large or small, is vulnerable to a crisis situation. An incident could occur at any time, without warning. Some incidents threaten business operations, while others damage community relations, create adverse publicity, or result in financial loss and civil liability. Preparing for potential crises may seem like a daunting task, but there are actions you can take now to ensure your organization manages emergency situations effectively, whenever they occur. The key is to create an infrastructure that allows for the management of incidents ranging from minor incidents appropriately handled by site managers, through major crises that trigger a coordinated response at the highest levels of the organization.

1. Provide a 24/7 hotline for reporting incidents

The cornerstone of responding appropriately to an incident is a 24/7 reporting process that ensures incidents are immediately reported, evaluated, and escalated as necessary. This facilitates rapid involvement of the appropriate response team at the earliest opportunity, which in turn determines how well the organization handles the incident.

This is a point of vulnerability for many organizations. Valuable time can be lost if a site manager is “playing phone tag” with someone carrying a pager, while simultaneously trying to manage an evolving situation. Without a centralized 24/7 reporting process, reaching top management during a breaking crisis can be challenging, especially if the organization operates in several time zones or operates multiple shifts. Incidents will happen when the corporate office is closed. A centralized notification hotline ensures that incidents are handled consistently and professionally regardless of the time of day or the nature of the incident.

The hotline must be staffed by trained interviewers with around-the-clock contact information for Crisis Management team members. The site manager makes one call to the hotline to report the incident. Then the hotline personnel alert the Crisis Management Team, relaying key information, allowing the site manager to manage the unfolding situation.

2. Define roles and responsibilities clearly

Creating a shared understanding of who is responsible for key activities before an emergency occurs is critical to an organized response. Effective planning involves defining a Corporate Crisis Management Team and Incident Response teams for each site, including the corporate level. A senior executive should be assigned responsibility for leading corporate teams, while the senior manager of each site should head the Site Incident Response Team.

These teams develop the situation-specific response plans and therefore must have cross-functional experts to represent key operational areas. Response teams typically include operations, procurement, risk management, transportation, human resources and environmental officers. Corporate Crisis Management Teams typically include corporate communications, corporate security, information technology, safety and legal.

Team members must be determined and their roles defined during the planning stage to ensure that everyone understands who needs to be involved when an incident occurs.

3. Create an emergency response plan

Effective handling of any incident requires careful research, planning, preparation and training to ensure that the situation is managed appropriately. The goal is to identify guidelines to help the organization respond quickly and effectively to an unforeseen emergency. Ideally, local management handles incidents with local consequences. Corporate support is added as the situation escalates. For example, the Corporate Crisis Management Team or the Corporate Incident Response Team may assume oversight of crises that exceed the local resources, or those that impact the organization at a broader level.

Comprehensive planning involves three tiers:

Tier 1: Site-Level Incident Response

Develop a reliable process for reporting incidents 24/7 and a Site Incident Response Plan outlining the procedures for reporting an incident to corporate, as well as guidelines for local incident response. The Site Incident Response Team implements the plan procedures, which should include incidents like fire, medical emergency, environmental issues, or a safety incident.

Tier 2: Corporate-Level Incident Response

Develop a Corporate Incident Response Plan outlining operational procedures for managing incidents that significantly impact the corporation. The Corporate Incident Response Team implements the plan provisions, which should include incidents like natural disasters, workplace violence, fire, medical emergency, hazardous materials spills (if applicable) and business continuity.

Tier 3: Corporate Crisis Management Plan

This plan specifies corporate policy when dealing with incidents that could disrupt business operations or damage the corporate reputation. The Corporate Crisis Management Team implements the provisions of this plan.

To ensure consistency and completeness in addressing response requirements, checklists should be developed outlining actions to be considered when addressing a specific type of emergency. At a minimum, checklists should be developed in the following areas:

  • Kidnapping/Extortion
  • Terrorism/Sabotage
  • Civil Protest
  • Labor Strikes/Work Stoppage
  • Industrial Accident
  • Fire
  • Major Chemical Release
  • Natural Disaster
  • Product Recall
  • Product Contamination
  • Transportation Interruption
  • Compromises of the Corporate Data Network

4. Plans aren’t enough. Communication, training and practice are key

Plans are only effective if they are used. One of the keys to successful response is ensuring that anyone who may have to manage an emergency situation knows the plan and can find items like checklists when they are needed. For example, a retail or restaurant organization may have high turnover among night managers, which places the company at risk for poor handling of emergency incidents.

Organizations facing this challenge must make a special effort to ensure the plan is easy to locate and navigate, so site managers can quickly find detailed incident instructions. The plan should be clearly labeled, with tabs that help the manager find the information that applies to the situation at hand. The Site Incident Response Plan for high turnover organizations should include detailed procedural checklists and instructions for reporting an incident to the corporate office.

Every organization should review Incident Response Plans twice a year to ensure that all involved parties are familiar with the plan’s contents. Finally, conducting training and simulations at both the site and corporate level will help ensure that response teams are prepared.

5. Don’t forget to document and debrief

Your organization will learn valuable lessons from managing each emergency event. Documentation of actions taken helps the management team debrief after the incident, which is an important step for learning how to improve future response. Detailed documentation is also helpful in responding to regulatory agencies, criminal or fire investigators, or resulting legal proceedings.

Documentation should include:

  • Chronology of Events – a day-by-day record of activities
  • Complete record of Media Releases and press coverage
  • Videotapes of press conferences
  • Chronology of reports (written and verbal) provided to the Corporate Crisis Management Team
  • Copies or transcripts of any written or verbal submittals to outside agencies
  • After-Action Report summarizing all actions taken and identifying any lessons learned

Regardless of the size of your organization, you can and should have an effective emergency communications strategy in this time of increased security legislation. Without such a strategy, an incident can be disastrous to the company’s operations, safety, or even corporate reputation.

Tony Malone is the Chief Executive Officer of The Network, Inc., a company that has provided workplace incident reporting for more than 20 years. The Network provides reporting services to more than 1,500 companies, including 40% of the Fortune 500.

Bob Hayes (roberthayes@bellsouth.net) is the Founder and Managing Partner of Corporate Security & Integrity Solutions, a company that provides third-party risk assessment validation, security controls analysis and designs security programs.

© 2008 The Network, Inc. All rights reserved. | Terms of Use | Privacy Policy Contact Us | Call Us: 800.253.0453