How to Create a Crisis: The 10 Biggest Mistakes in Crisis Communications

All organizations are vulnerable to crises. Disasters, lawsuits, accusations of impropriety, sudden changes in ownership or management, and other volatile situations will happen. The threat of serious damage to people, property, reputation is real for virtually any organization, and many individuals as well.

The cheapest way to turn experience into future profits is to learn from others’ mistakes. With that in mind, I hope that the following examples of inappropriate crisis communications policies, culled from real-life situations, will provide a tongue-in-cheek guide to the mistakes you must avoid when your organization is faced with a crisis.

If you want your crisis to quickly spiral out of control you should employ any combination of these wrong-way tactics:

  1. Play Ostrich. What Lance Armstrong did for years. Hope that no one learns about it. Cater to whoever is advising you to say nothing, do nothing. Assume you’ll have time to react when and if necessary, with little or no preparation time. And while you’re playing ostrich, with your head buried firmly in the sand, don’t think about the part that’s still hanging out.
  2. Only Start Work on a Potential Crisis Situation after It’s Public. This is closely related to item 1, of course. Even if you have decided you won’t play ostrich, you can still foster your developing crisis by deciding not to do any advance preparation. Before the situation becomes public, you still have some proactive options available. You could, for example, thrash out and even test some planned key messages, but that would probably mean that you will communicate promptly and credibly when the crisis breaks publicly, and you don’t want to do that, do you? So, to allow your crisis to gain a strong foothold in the public’s mind, make sure you address all issues from a defensive posture — something much easier to do when you don’t plan ahead. Shoot from the hip, and give off the cuff, unrehearsed remarks.
  3. Let Your Reputation Speak for You. That worked out so well for the now-defunct Arthur Andersen, once one of the largest accounting firms in the world – before Enron.

Want to know the rest of The 10 Biggest Mistakes in Crisis Communications? Click here!

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Bernstein Crisis Management | Connect with Jonathan | Connect with Erik

The 3 Types Of Crisis

A-woman-placing-her-head-on-her-laptop

Crises can be divided into three categories:

1. Creeping Crises – foreshadowed by a series of events that decision makers don’t view as part of a pattern.

2. Slow-Burn Crises – some advance warning, before the situation has caused any actual damage.

3. Sudden Crises – damage has already occurred and will get worse the longer it takes to respond.

It is not uncommon for what seems to be a sudden crisis to have actually, first, been a creeping crisis that was not detected. Appropriate measures, early in the process, can often prevent or, at least, minimize the damage from slow-burn and sudden crises.

Below are some examples from the healthcare industry. From this, readers in other industries should be able to develop comparable lists.

1. Creeping Crises

  • Lack of a rumor-control system, resulting in damaging rumors.
  • Inadequate preparation for partial or complete business interruption.
  • Inadequate steps to protect life and property in the event of emergencies.
  • Inadequate two-way communication with all audiences, internal and external.

2. Slow-Burn Crises

  • Internet activism
  • Most lawsuits.
  • Most discrimination complaints.
  • Company reputation
  • Lack of regulatory compliance – safety, immigration, environment, hiring, permits, etc.
  • Major operational decisions that may distress any important audience, internal or external.
  • Local/state/national governmental actions that negatively impact operations.
  • Official/governmental investigations involving your healthcare organization and/or any of its employees.
  • Labor unrest.
  • Sudden management changes – voluntary or involuntary.
  • Marketing misrepresentation.

3. Sudden Crises

  • Patient death – Your healthcare organization perceived to be liable in some way.
  • Patient condition worsened – Your healthcare organization perceived to be liable in some way.
  • Serious on-site accident.
  • Insane/dangerous behavior by anyone at a location controlled by your healthcare organization.
  • Criminal activity at a company site and/or committed by company employees.
  • Lawsuits with no advance notice or clue whatsoever.
  • Natural disasters.
  • Loss of workplace/business interruption (for any reason).
  • Fires.
  • Perceptions of significant impropriety that damage reputation and/or result in legal liability, e.g., publicized involvement of company employee in a group or activity perceived to be a threat to the U.S. government or society; inappropriate comments by a “loose cannon;” business activities not officially authorized by management.

Typically, reviewing a list like this triggers thoughts of other situations that need to be addressed during the crisis planning process. Know what constitutes a creeping, slow-burn or sudden crisis for your organization and have plans in place to address them!

Looking for more on crisis management, prevention, preparedness and response? Click here to head to our articles section.

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Bernstein Crisis Management | Connect with Jonathan | Connect with Erik

Litigation-Related Crisis Management: Educating the Jury Pool

A-judge-mantle-with-a-weighing-scale

Which of the following statements about a jury, civil or criminal, are true?

  1. Prospective jury members never lie regarding their advance bias about a case.
  2. Jury members are always truly “peers” of the defendant.
  3. Jury members never talk about a case outside of jury deliberations, or read and watch TV about a case when sequestered, once directed not to do so by a judge.

If your answer is “none of the above,” you begin to appreciate the potential value of crisis/issues management for the purpose of educating a jury pool. Now, I am aware, though not an attorney, that members of the bar are not allowed to influence a jury. Ed Novak, a partner at the Phoenix-based law firm, Quarles & Brady Streich Lang, bridges the gap between influencing and educating.

“While it is unethical to attempt to influence prospective jurors, there is nothing unethical or unprofessional about having an accurate picture of your client presented to the media and other audiences,” said Novak.

A jury consultant is typically not called in until there is some high certainty that a case will, in fact, go to trial. By then, if the case in question has been highly visible in the press, it may well be too late to educate a jury pool “contaminated” by the media’s interpretation of events.

Any honest reporter (yes, there are honest reporters who might even acknowledge there are honest attorneys) will admit that he or she brings a natural bias and an institutional editorial perspective to a story. Journalists will do their best, in that context, to report in a “balanced manner,” with the exception of columnists, who are often free to say pretty much what they please and not worry about “balance.” These media representatives are a gateway through which both plaintiff/prosecutor and defendant can communicate not only to the publics thought of most often – business contacts, community VIPs, etc. – but also to potential jury members. It is the responsibility of counsel, with expert assistance as necessary, to direct media relations that can shift the balance of coverage.

“If we say something to the media, we realize we may be talking to future jury members as well, and if we don’t say something, we’re telling those jury members ‘we don’t care enough about you to keep you informed.’ When we get to court, they’ll remember that,” said Novak.

And, he notes, his firm has realized that the same analysis done by crisis management professionals to anticipate multi-audience response to various public relations tactics also helps them anticipate jury response.

“I’ve had a crisis consultant sit in on practice sessions for depositions, resulting in a change in the client’s choice of words,” he said. In that circumstance, the crisis consultant was actually hired as a jury consultant under the law firm’s umbrella of confidentiality.

What tactics can be used for this public education process? They include, but are not limited to:

  • The use of spokespersons trained to deliver key messages to the media and other audiences.
  • Educating employees of defendant or plaintiff’s companies about what to say or not to say about the situation at hand when they’re back home, out in the community which will eventually be the source of jurors.
  • Advertorials — buying print space or broadcast time in which one puts news-like stories about your client organization that are designed to help balance any misinformation which may already be in the public eye. This tactic is usually only employed if the media has consistently mis-reported the facts.

The battle for the hearts, minds and votes of jury members does not begin in the courtroom. In my experience, advance communication begins immediately after a legal situation hits the media. It can work together with legal tactics to (a) preclude a case ever going to trial (assuming that’s a desired outcome for either side of the issue) or (b) affect public perception sufficiently to enhance either side’s chance of a favorable outcome in court.

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Bernstein Crisis Management | Connect with Jonathan | Connect with Erik

What’s a vulnerability audit and why do you need one?

An-auditor-going-through-documents-in-her-office

A vulnerability audit is a thorough self-inspection designed to identify potential crises before they occur and pave the way for creation of a crisis communications plan which will allow an organization to avoid, or at least minimize, the negative impact of such crises.

This is done by:

  1. Collecting data from people in key information flow positions. Senior executives are not always aware of all of the circumstances which can lead to the birth of a crisis. Hence, interviews are conducted with both white- and blue-collar personnel at various echelons of the company, typically a minimum of 20 interviews. Multi-location businesses usually require interviews with remote location personnel who have insights specific to their area.

  2. These interviews are conducted on an extremely confidential basis. Ideally, interviewees are told that the firm’s senior management will not, under any circumstances, be told “who said what.” Information gleaned during the interview process includes (1) potentially harmful trends (facts or perceptions reported by multiple sources); (2) significant inconsistencies between answers from different subjects; (3) non-verbal cues that there may be something amiss in certain areas, which then prompts further questioning; and, (4) consensus opinion regarding the probability of certain types of crises.

  3. Looking for operational and communications weaknesses which could cause or contribute to a crisis.An employee who’s a “loose cannon” is a more obvious potential source of problems, even if he/she is well-intentioned, but there are less obvious issues revealed through the vulnerability audit process. For example, one past client relied on a single fax machine for incoming and outgoing faxes from its headquarters offices during a crisis, which tremendously delayed communication with a number of important audiences. The simple addition of fax machines, creation of broadcast fax/email lists and similar tactics can often greatly improve crisis response.

  4. Anticipating actual crisis scenarios. Every organization is vulnerable to certain types of crises inherent in the nature of its business, plus others inherent, perhaps, in the nature of its particular style of operating. Additionally, the vulnerability audit has been known to reveal “skeletons” of which senior management may not have been aware.

  5. Reporting results. The conclusions from the vulnerability audit are then analyzed and presented both as a in-depth overview of issues that need to be addressed.

The information collected during the vulnerability audit process is used as the basis for writing a manual which will guide the entire organization in the communications aspects of responding to crisis situation. A side benefit we’ve seen – the discussions necessary to the audit process often spur more overall interest in protecting the company from crisis, which of course saves you money!

We typically spot the first vulnerability within minutes, and as the process continues problems “everyone knew” existed (except, often, those at the top!) quickly emerge. Time after time clients who feel they’ve prepared adequately are stunned by the list of vulnerabilities this process identifies, and the liability they would have faced if the possibilities had become reality. Every organization has weaknesses but they don’t have to put you out of business. Know what they are and make prevention a part of daily conversation.

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Bernstein Crisis Management | Connect with Jonathan | Connect with Erik

Still Not Worried About Crisis Training?

A-departmental-head-training-colleagues-on-work-issues

Practice makes perfect is cliche for a reason. We all accept that it takes repetition and training to be good at anything, but in spite of this we’ve seen certain concerning behavior repeated throughout our 30+ years of experience:

  • Many organizations still don’t plan or train for crises at all, either rolling the dice that their “crisis number” doesn’t come up and/or wrongly assuming that they can “wing it” because of their combined skills.
  • Even when organizations have gone to the effort (and cost) of developing or even getting initial training in the use of business continuity or crisis communications plans, most still engage in little to no ongoing training thereafter.
  • Most organizations go through periods of significant personnel turnover and major operational changes, all of which can require modification of existing crisis plans and then re-training. The former happens sometimes, the latter – not so often!
  • Too many organizations continue to turn incidents into crises, and minor crises into major ones, because their people simply aren’t ready to rumble.

If you could choose to know – in advance – how you’re going to handle your own nightmare scenario, and that your team can handle it, why wouldn’t you? Crisis training just makes sense.

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Bernstein Crisis Management | Connect with Jonathan | Connect with Erik

Before You Communicate, Consider Your Audience

A-business-man-speaking-to-an-audience

When creating crisis communications we see far too many failing to consider their audience in the writing. Whether it comes as a result of being overly insulated in your own company culture or simply being out of touch with the segment of the population that’s been impacted, not considering your target audience and how they believe communications should go is one of the most common mistakes made in crisis situations.

Fortunately it’s not hard to fix. All you need is the ability to put yourself in the audience’s shoes – what concerns do they want addressed, and what factors are driving the emotions they’re feeling about you and your brand? Sometimes it can help to get an outside perspective from a trusted adviser, or even to ask folks from the stakeholder group (if that’s an option), but regardless until you understand what the audience needs from you, you can’t start writing.

One of the best ways to practice this might be to take crisis communications you see coming from other organizations and try to re-write them to be more effective given what you know from news coverage, etc. of public reaction, and if you truly want to get better at communicating in ugly situations you’ll make this a regular part of your professional routine.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

Crisis Management Quickies: How could we prevent this next time?

Office-colleagues-working-together-to-resolve-a-crisis

Think back to the last time your organization ran into an ugly situation that was resolved before it became an actual crisis. When things died down did everyone breathe a big sigh of relief and head back to work, or did you stop to ask yourselves “How could we prevent this next time?”. Chances are you did the former, and that’s a problem. Quite often when we’re brought in to help with response to a breaking crisis we’re told that something similar happened weeks, months, or even years before and managed to stay under the radar. But, instead of looking back to see how the issue could have been prevented in the first place and making necessary changes to policy, procedure, or training, everyone was so glad it was over that they sort of…forgot.

Any time you encounter an unsatisfactory situation, whether it’s on the scale of a small influx of negative reviews or a massive public protest, ask yourself “How could we prevent this next time?”. You can’t avoid every crisis, but if you encounter the same one twice and haven’t prepared then you’re making a conscious choice to take more damage than necessary.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

Twitter Apologizes for Unencrypted Passwords

A-twitter-application-on-a-phone

Time to change your Twitter passwords! A warning that all users should change their passwords came from Twitter itself after it was revealed that user passwords were stored unencrypted on company servers. Though at this time there’s no indication your passwords were shared with anyone outside of Twitter, employees did have access to these unencrypted keys.

Twitter did apologize, and though we would’ve liked to see compassion included a bit earlier in the message it’s not a bad piece of crisis communications:

When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.

Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.

About The Bug

We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.

Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.

Tips on Account Security

Again, although we have no reason to believe password information ever left Twitter’s systems or was misused by anyone, there are a few steps you can take to help us keep your account safe:

  1. Change your password on Twitter and on any other service where you may have used the same password.
  2. Use a strong password that you don’t reuse on other websites.
  3. Enable login verification, also known as two factor authentication. This is the single best action you can take to increase your account security.
  4. Use a password manager to make sure you’re using strong, unique passwords everywhere.

We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.

Having a data breach falls firmly into the “predictable crisis” category for any business today, which brings me to a question – when’s the last time you went through a tested your own ability to respond to the predictable crises that threaten your operations? In a world where responding quickly is critical, you lose valuable time scrambling to create a response after the fact. Know your risk factors, be prepared, and deploy as needed.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

Continuing Operations in a Crisis

Two-colleagues-working-on-their-desk-in-their-office.

We see one simple fact overlooked often in crisis planning – you can’t divert 100% of your assets to recover from an issue when there’s still a business to run. This video from Rave Mobile Safety looks at telling stats about how prepared organizations really are for crisis management, and how many would truly be able to weather a storm without letting day-to-day operations slip.

Too often organizations assume they’ll be able to maintain operations and manage an ugly situation when the reality is the folks in critical roles are often already stretched too thin. Leveraging technology and careful planning, along with actually practicing use of both, is critical to surviving the inevitable negativity every organization encounters at one time or another.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

[Guest Post] Is it time to review your business continuity plan?

A-business-man-reviewing-a-document-with-his-secretary.

[Editor’s note: Thank you to Kamy Anderson for sharing this post about the importance of regularly reviewing your business continuity plans.]

A business continuity plan is a must-have in today’s ever changing and volatile market. A carefully and strategically devised business continuity plan has one sole purpose – to ensure your company’s continued existence, even after facing a disaster or major disruption.

It is important to note, that such a plan is not set in stone. It should be reviewed and modified accordingly. However, since it may be challenging to do so on a busy schedule, it is important to know the hows and whens.

Let’s see how a learning management system can help you regularly review your business continuity plan, and when the right time to review it is.

Why You Need to Review Your Business Continuity Plan

Now that we’ve explained why it’s important to have one, we will go over why you need to review your business continuity plan. First of all, in order to be considered a business plan, any plan has to be kept up-to-date and work reliably, and the BCP is no different.

When you decide to review your business plan, you first need to make sure that both of these points are properly addressed. .

To make an efficient plan you also have to assess the various risks. The general business operation risk category consists of market, industry and environmental changes. Here are the most common ones to pay attention to:

  1. The competition has entered the market with a better product or service than yours, and at a lover price
  2. Your target audience’s focus and needs have shifted to another product or service, which may not be better than yours, but has features or functionality that yours doesn’t.
  3. There is an imminent cyber threat which may affect your business or your clients.
  4. You are operating in a country with an unstable political climate.
  5. You are dealing with hazardous materials and/or chemicals.
  6. There is a risk of an epidemic illness breaking out in the country where your offices are.
  7. A key employee decides to leave the company, or dies unexpectedly.

These are just some of the risks that every business may have to deal with. It is important to pinpoint the risks that are specific to your business operation and incorporate strategies to deal with them if they become reality. All of these risks can also change over time, making your plan obsolete and ineffective. Thus, the BCP review becomes a standard and must-have procedure. And it seems that this becomes a trend in the SMBs ecosystem.

When to Review your Business Continuity Plan

Now that you know why it is important to review your BCP, let’s see when you should do it. As you might have guessed, the review process can eat up a big chunk of your and everyone else’s time. This is why it is important to learn when to review it.

The first indicator that tells you to assess the reliability of your BCP are changes to the way your company operates. Every time you change something, whether it is for internal or external reasons, you should revisit your BCP. What are these changes we are talking about? Here are the few examples:

  1. If you decide to launch a new product or service.
  2. If you decide to implement new software, technology, or hardware.
  3. If you move to another location.
  4. If you decide to penetrate a new market.
  5. If any of the departments change priority levels, for instance functionality before the design.

Now that we’ve covered changes in company operations, we should address changes to the people in your business. These changes also present a certain risk to your business operation, so let’s see which ones necessitate an immediate BCP review:

  1. If you, for any reason, lose key staff (for instance department managers).
  2. If you hire a batch of new employees.
  3. If you experience a PR crisis.
  4. If you have to change the responsibilities of your staff.
  5. If you dispatch your staff to a new business location.
  6. If the skillset of your staff becomes obsolete and they are unable to meet the new business operation requirements regarding policies and procedures.

Best Post-Review Policy

Starting with your business continuity planning team, everyone in your company should be on board with the procedures and policies it contains. In addition to identifying new risks, reviewing the plan and updating it, you should also make sure to notify the stakeholders about the latest changes.

You never know when you will need to put this plan into action. This is why the key people in your company should be informed of its location and how they can access it. If you want to minimize the risk of confusion, make sure that you keep only the latest, updated version of your BCP. If you have printed old versions of the BCP, be sure to discard them.

And lastly, you should put your new BCP to the test. You have to make sure that it works before you adopt it as an official BCP document. Review each procedure, asset and resource that is crucial for the success of BCP and make sure that you didn’t make any oversights.

How Can a Learning Management System Help

Since BCP is a document containing valuable information, you should definitely consider using it as training material. Keeping the key people and other employees in the loop with the latest changes can quickly turn into a daunting task. This is why more and more business leverage the power of a learning management system to distribute information that is crucial for business success.

By using online eLearning software, powered by the latest learning management system, you can streamline the majority of the efforts surrounding the BCP review, update and information distribution. In addition, your BCP will be kept on a remote and safe location, accessible from any location and device.

Thanks to the revision history and notification system, you will be able to keep everyone responsible in the loop, with as little effort as possible. Not to mention that you can continue to use the learning management system to organize continuous training and learning opportunities for your staff.

Start Your Review Before It’s Late

The business continuity plan is a must-have strategy for businesses in all industries. Hopefully we have helped you understand the importance of devising one and when to review it. Also, you could see that the writing, reviewing and distribution of a BCP becomes an easy and less risky activity if you do it with the assistance of a learning management system.

Kamy Anderson is an ed-tech enthusiast with a passion for writing on emerging technologies in the areas of corporate training and education. He is an expert in learning management system & elearning authoring tools – currently associated with ProProfs.