Table of contents
In the previous episode of our 8-part blog series “What is crisis management”, we looked at basic methods for crisis prevention. In the end, we came to the conclusion that crises cannot always be prevented despite all efforts and measures. An essential part of crisis management is therefore preparation for crises, i.e. crisis prevention, and this article will be about this.
What is crisis preparedness about?
Basically, crisis preparedness is about effectively anticipating, responding to and recovering from likely, imminent or current hazard events or conditions (cf. (UNISDR, 2009)). Readiness is another concept that is very close to preparedness. In fact, in the context of disaster management, it has been stated that “preparedness is the state of being ready”. Resilience is also a very similar concept that became popular in the 2000s and is now the new buzzword of all risk-related debates. Resilience is defined as follows:
“Resilience is the ability of a system to cope with change. Resilience means resistance to disturbances of any kind, adaptability to new conditions and a flexible response to change, with the aim of maintaining the system - e.g. a business or a process. “ (BBK Glossary).
In the remainder of this paper, we focus on the following seven areas of crisis preparedness, namely: Planning, Organisation and Processes, Capacity Building, Redundancy, Agreements and Arrangements, Capacity Building and Early Warning.
Let’s start with the most basic!
1. planning
Planning is at the core of crisis preparedness. Good crisis preparedness consists of thorough contingency planning that analyses specific potential events or emerging situations and makes provisions such as capacity and capability building. All of this serves to ensure a timely, effective and appropriate response to critical events and situations. Pre-crisis planning also provides additional space to consider a variety of options in advance and test them against the chosen crisis scenarios.
The standard for emergency planning is ISO 22301, which we already briefly introduced in Part 1 of our blog series Basics of Crisis Management. This sets out guidelines for preparedness and business continuity management. Among other things, it deals with the commitment and responsibility of top management, the importance of contingency planning in the strategic goals and daily practice of the organisation. In addition, it provides some guidance on implementation and emphasises that the plan needs to be evaluated and continuously updated.
There is also an ISO 41000 family of standards for environmental management systems in which emergency preparedness plays a central role. ISO 2800](https://de.wikipedia.org/wiki/ISO_28000), which focuses on supply chain security management, is appropriate for industries dealing with critical infrastructure). Separate guidelines are produced for small and medium-sized enterprises. The standards themselves serve as checklists for the creation of contingency plans, especially against security threats.
The importance of such contingency plans becomes particularly clear when one considers the numerous risks that can lead to unforeseen incidents in both large and small organisations. Earthquakes, extreme weather, accidents, fires, terrorist attacks or cyber attacks, are just a few examples of events that can cause serious problems for organisations of all types. Critical infrastructures in particular are subject to strict regulations, laws and frameworks designed to ensure the security of the facilities. So-called protection concepts therefore include conceptual and planning measures to increase the security of the infrastructures. Our web-based crisis management solution GroupAlarm is suitable for the creation of such protection concepts in the context of crisis prevention.
Let’s take a closer look at the general basic concept of such emergency plans:
2. organisation and processes
One of the most important functions of the contingency plan is to define the responsibilities, roles and tasks of the actors (e.g. crisis manager, business continuity manager, building manager, PR manager, human resources manager, IT manager, etc.) who will act in a crisis situation. According to the classical view, crisis management requires a dedicated crisis management group led by the highest office of the respective organisation and enforcing the command and control system originating from the military.
More flexible models suggest relying more on ad hoc structures or team members. However, it is difficult, for example, to train spontaneously formed groups to work together. They also run the risk of introducing new conflicts. A consensus on the best organisational model does not exist and in practice there are often hybrid combinations of different systems. Organisations often rely on standard operating procedures, which essentially require an understanding of the roles, responsibilities and accountabilities of the actors in a particular crisis situation, as well as equipment and other resources.
Procedures often include fairly detailed guidelines based on ready-made protocols and templates on these areas, among others:
- Who is responsible for what?
- Coordination of cooperation with other actors
- Organisation of communication management
- Organisation of the management of a disaster site
- Establishing a command post
- Dealing with the media
- How to minimise the consequences of an unexpected event?
- How to document lessons learned?
Once the necessary emergency or hazard response plans are in place, it is important to have them handy in case of an emergency. What use are they if they gather dust on some shelf? Here again, our web-based crisis management solution offers a remedy. With GroupAlarm, for example, entire crisis manuals can be reproduced in detail. This has the advantage that all important responsibilities, processes and accessibilities are bundled in a central platform that can be accessed from anywhere in an emergency. Furthermore, with GroupAlarm it is even possible to map one’s own operational processes as well as to completely integrate internal processes and procedures.
3. capacity building
Crisis preparedness requires adequate resources, including financial resources, equipment and time. This includes money for repairs and replacements, as well as insurance cover for any liability issues. In addition, it may be important to have certain equipment on site. The time factor is relevant not only because financial resources or specific equipment must be available in advance, but also because staff or the crisis team must be trained.
Depending on the type of company or organisation, different capacities need to be built. In a hospital, for example, peak disaster capacity should have been planned and invested in, including special capacity such as isolation areas related to biological or radiological terrorism and decontamination capacity.
Alternatively, a nuclear power plant must be prepared to hold emergency equipment both on-site and off-site so that the plant is able to absorb the impact of a crisis and ensure the safety of workers. And so every nuclear facility has a long list of emergency materials and equipment, such as communication systems, respirators, special clothing for radiation protection, radiation measuring devices, medical equipment and transport.
Here again, our efficient crisis management solution GroupAlarm offers support. Not only can all capacities be recorded in the system, it is even possible to plan the availability of personnel including qualifications as well as work equipment. This means that in an emergency, there is always the certainty of knowing which key personnel with which equipment are available when and for what purpose, in order to successfully manage a crisis.
4. Redundancy
Redundancy is the additional presence of functionally identical or comparable resources of a technical system when they are not normally needed during trouble-free operation. They are also there to increase failure, functional and operational safety. However, redundancy does not only mean the mere existence of resources, but much more the extent to which the functionality of a disturbed system can be replaced or redirected by other systems. Most often, redundancy is discussed in the context of critical systems, such as critical infrastructure.
While critical systems should have backup for their function or service, the backup systems or components of the backup systems are often co-located with the primary systems or use a single critical node together. This raises the question of when a system is truly redundant. This can be tested in situations such as assessing the excess capacity needed to reduce the impact of component or subsystem failures.
In any case, every crisis manager should have the critical functions of his system or organisation in mind, with the aim of finding alternative solutions in case of an unexpected event that would paralyse the system or parts of it.
But there is another important aspect: the technical systems used to support crisis preparedness should also be redundant. Because especially with a crisis management tool - like GroupAlarm - a guaranteed availability (> 99.9 %) is essential. It is therefore not enough to rely on a solution with only one server. Instead, it should be checked whether the system is set up in a multiple geo-redundant way to mitigate possible failures.
5. agreements and prior arrangements
Depending on the type of crisis, an organisation’s internal capacities and capabilities may be insufficient in some areas and require cooperation and coordination with external actors. Thus, to manage a crisis, an organisation needs pre-arranged, coordinated networks for communication and cooperation with the external actors involved.
Prior agreements are useful as points of reference in a crisis, but are not necessarily binding. In many crisis or disaster situations, for example, a country may need external assistance. Sometimes disaster response teams are even sent to another country. Without planning and pre-established rules, this would not be so easy.
The European Commission guidelines, for example, define the procedures for requesting and offering assistance with tight templates. The guidelines also state that the host country should be responsible for the safety of personnel in incoming teams and modules, as well as for sites, facilities, means of transport, equipment and goods used in connection with the international assistance provided. For better cooperation, the host country and the incoming teams should use a common emergency communication and information system. Among many other arrangements, the agreements are also quite detailed when it comes to financial responsibilities and liability issues.
6. capacity building
Since crisis situations are radically different from normal management processes, it is important for an organisation to train itself in terms of individual skills and knowledge as well as organisational skills. Thus, in order to be successful in a real crisis, it is crucial that capabilities are assessed and built in light of the anticipated threats, preferably using specific scenarios.
These capabilities can be built through education, individual or team training, drills to improve and maintain mastery of procedures or skills, and joint exercises, among others. Drills, in particular, play a major role in capacity building as they can improve decision-making, communication and coordination processes in the event of a crisis. Thus, an exercise is basically a simulation of an emergency situation that is used to review the emergency plan, build staff competencies and test how good the crisis management structures and measures are.
A nationally known example of such exercises in Germany is the so-called LÜKEX, a cross-Länder and cross-departmental crisis management exercise whose goal is to improve the joint crisis management of the federal government and the Länder involving critical infrastructures in national crises at the strategic level. In addition to exercises, it is at least as important to find possible gaps or mistakes in the institutional structure or thinking, as exercises are for learning and should lead to change.
At the corporate level, such exercises can be conducted professionally with our crisis management tool GroupAlarm. Scenarios defined in advance, which are laid down in event-specific plans - including the steps to be taken to deal with them - are the basis for this. This sets the course for successful crisis management in order to act faster and better in the event of an emergency.
7. Early warning system as crisis prevention
Early Warning Systems (EWS) are designed to detect emerging hazards at an early stage and inform those at risk as quickly as possible. By responding in a timely and comprehensive manner, they are intended to help avert hazards or mitigate the resulting consequences. This also implies that such systems should never be understood as one-off actions, but are subject to a continuous process.
The concept of early warning is used in many different areas, such as fire protection, military strategy, crime prevention, the technology industry, information technology applications, medical care, business, financial systems and disaster preparedness and emergency management. Because of this diversity of applications, there is no one right way to build an early warning system.
Nevertheless, the following characteristics of a good early warning system can be identified:
- The benefits of an early warning system must be recognised, reflected in unified national to local disaster preparedness policy, planning, legislation and budgeting.
- An effective EWS consists of the components: Hazard identification, monitoring and forecasting; Risk analysis and incorporation of risk information into emergency planning and warning; Dissemination of timely and authoritative warnings; and Community planning and preparedness and the ability to activate emergency plans.
- Early warning system actors should be identified and their roles, responsibilities and coordination mechanisms clearly defined and documented e.g. in laws and policies.
- EWS capacities must be supported by adequate resources and the system must be designed and implemented with sustainability in mind.
- Information on hazards, pressures and vulnerabilities should be used to conduct risk assessments, which make an important contribution to emergency planning and alert development.
- Alerts should be issued clearly and consistently from a single, recognised and authoritative source. The risk information they contain should be designed using colours, flags, etc., so that it can be understood by the authorities and the public.
- Warning dissemination mechanisms must be able to reach authorities, other EWS actors and the population at risk in a timely and reliable manner.
- Emergency plans should be developed taking into account hazard or risk levels, characteristics of communities at risk, coordination mechanisms and different actors.
- Training on risk awareness, hazard identification and the appropriate emergency response should be integrated and linked to regular exercises and testing throughout the system to ensure readiness at all times.
- Effective feedback and optimisation mechanisms must be in place to enable systematic evaluation and ensure system improvement over time.
This is why crisis preparedness is important
The US economist and economic historian Walt Whitman Rostow once summed it up rather aptly:
*The best way to deal with crises is to get ahead of them.
One could also say by preparing for them. For this reason, the planning and organisation of crisis preparedness plays an important role. The advantage of the aforementioned crisis preparedness measures is obvious: Firstly, the effects of incidents are made plannable, so to speak, in order to retain the ability to act in an emergency. Secondly, targeted preparation in the event of a specific emergency or crisis provides a great head start in terms of time. You can find out how crisis management works in the 6th part of our blog series.
Try out the crisis management tool GroupAlarm!
Bildquellen: GroupAlarm