0% found this document useful (0 votes)

45 views30 pages

Crisis Management Plan Template 10092024

The Crisis Management Plan (CMP) outlines the structure and processes for responding to major disruptions affecting the organization. It includes objectives, principles, a response process, and roles within the Crisis Management Team (CMT) to ensure effective decision-making and communication during a crisis. The plan emphasizes prioritizing safety, managing risks, and conducting post-incident reviews for continuous improvement.

Uploaded by

gouravcybersec

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

45 views30 pages

Crisis Management Plan Template 10092024

Uploaded by

gouravcybersec

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 30

CRISIS

MANAGEMENT
PLAN

EXAMPLE

0
Crisis Management
Plan

Contents

Contents 1
SECTION 1: INTRODUCTION 2
Objectives 2
When to invoke the Crisis Management Plan (CMP) 2
Principles to follow for our crisis response 2
Values to follow for our crisis response Error! Bookmark not
defined.
Our business priorities to follow in a crisis 3
Who is part of the Crisis Management Team? 3
Assess the business impacts to make the critical decisions 4
SECTION 2: CRISIS MANAGEMENT PLAN (CMP) 5
CRISIS MANAGEMENT RESPONSE PROCESS 5
1. ESCALATION 5
2. COMPLETE CMT MEETINGS AND SET PRIORITIES 6
3. COMPLETE PRIORITY ACTIONS 7
4. COMPLETE INTERNAL AND EXTERNAL COMMUNICATIONS 8
5. COMPLETE POST INCIDENT REVIEW 9
APPENDIX 10
A. Individual roles and responsibilities 10
B. Situation report template 21
C. Considerations for high risk scenarios 22
D. Impact Assessment 27
E. Actions log 28
F. Decisions Log 29

1
Crisis Management
Plan

SECTION 1: INTRODUCTION
Objectives
The objectives of this Crisis Management Plan are to:
 provide structure for the Crisis Management Team to respond to major disruptions
 provide a clear decision-making and action driven process
 outline the time critical priorities for the business during a major disruption
 manage and mitigate risk during a major disruption

When to invoke the Crisis Management Plan (CMP)

CMP is invoked to respond to major events or disruptions which may cause the following impacts (crises
may not always fit with the below descriptions so this should only be used as a guide):
 Colleagues: (+ impact description)
 Customer: (+ impact description)
 Operations and technology: (+ impact description)
 Finances: (+ impact description)
 Third Parties: (+ impact description)
 Legal and regulatory: (+ impact description)
 Reputation: (+ impact description)

Example scenarios which cause the above impacts may include: cyber attacks, major fires, floods, IT
outages, data theft, damage to premises, loss of supply chain, adverse weather (tailor these to your
business).

Principles to follow for our crisis response

The principles for our response are to:
 prioritise the safety of our colleagues
 quickly achieve control by being proactive in response and decision making
 prioritise customers and industry by being proactive and transparent in communications
 take action and decisions in a sustainable, socially and environmentally responsible manner
 work collaboratively across the business to respond effectively
 + other principle(s) – these could be linked to corporate values if they are not covered above.

2
Crisis Management
Plan
Our business priorities to follow in a crisis
During our response, our strategic and operational priorities include:
1. The safety and security of colleagues and external stakeholders
2. Payroll
3. Internal communications to colleagues and external communications to media and the market
4. The financial performance of the organisation
5. + other priorities

Based on the situation, our priorities may change; consider the range of impacts on page 4 to determine
what the priorities will be for the specific response.

Who is part of the Crisis Management Team?

The Crisis Management Team includes senior level colleagues with the authority to make critical
decisions, communicate with the organisation and implement responses that are specific to their areas
of expertise:

Role Name

Individual roles and responsibilities, including deputies, are in Appendix A.

3
Crisis Management
Plan
Assess the business impacts to make the critical decisions
The ultimate decision maker is the Chair of the CMT.
The CMT is authorised to make critical decisions; an impact assessment must be completed (or at least
followed) for any critical decision.
This will include assessing the potential impact on (in no particular order):

Colleagues and Time critical

Premises Service
external Technology Data services
and providers
stakeholders /
equipment
business
priorities

Deadlines
Customers Reputation Legal Finance Operations we need to
meet (daily,
weekly)

See Appendix D for the Impact Assessment template which can be used to summarise impacts to the
above.

4
Crisis Management
Plan

SECTION 2: CRISIS MANAGEMENT PLAN (CMP)

CRISIS MANAGEMENT RESPONSE PROCESS

The crisis management response follows the 5-stage process below; this should be applied until the
disruption is over or the impacts and recovery can be managed by business-as-usual (‘BAU’) processes.

2.
CMT meeting
and set
priorities

1. 5.
Escalatio Post incident
n review

4. 3.
Communicati Complete
on actions

1. ESCALATION
Follow the below actions to assess the incident and mobilise the CMT if required.

Action Owner Complete?

Once significant issues are detected, gather information and
assess the situation in terms of severity and risk (see section 3 ◻
of the CMT Meeting Agenda below for the areas to focus on for
the assessment).
If required, seek further information on the situation and give ◻
direction on how to proceed.
If impacts correlate with “when to invoke the Crisis Management
Plan” on p.2, mobilise the CMT:
 In person meeting (during office hours): [X location]. ◻
 Alternate location: [X location]
 Virtual call via (using X tool) (during or out of office hours).

5
Crisis Management
Plan

2. COMPLETE CMT MEETINGS AND SET PRIORITIES

Use this agenda for the CMT Meeting; this can be altered for each meeting and is dependent on the
situation faced.
Focus area Considerations

Complete roll call and confirm team roles and

1) Meeting
responsibilities. Confirm if additional team members are
participation
required.
Confirm who is leading on the Action Log, Decisions Log and Situation Report.
What is the known situation:
o When and where did the incident start?
2) Confirm the facts o What is currently known about the incident?
o What details have not yet been confirmed (and where can we get the
information)?
o Who is leading the current response activity?
What are the known impacts, risks and issues to:

o Customers
o Colleagues and external stakeholders
o Reputation
o Premises and equipment
3) Known impacts, o Legal
o Technology
risks and issues o Financial
o Data
o Operations
o Service providers
o Deadlines we need to meet
o Our time critical services / (daily, weekly)
business priorities
o Any barriers and blockers
4) Potential impacts
In the near future, what are the potential / likely impacts and risks to the
/ opportunities
(consider how the above? How could the incident evolve?
incident may
Does the situation provide any opportunities for the organisation to capitalise on?
evolve)

Inrelation to the known and potential impacts:

o Confirm the priority actions and timelines
o Confirm contingency options and timelines
5) Prioritise actions o Confirm communication requirements, external comms support (if
necessary) and timelines
o Confirm any barriers and blockers on actions and contingency options
o (for next CMT meeting – review decisions and
actions) See immediate actions in Section 3
below.
6) Critical decisions What critical decisions and / or investments need to be made and authorised
& investments and when? And what is the timing for these decisions?
Confirm time, date, invitees and expectations for the next meeting.
7) Next meeting
Can we stop operating as a CMT and return to BAU operations / recovery?

6
Crisis Management
Plan

3. COMPLETE PRIORITY ACTIONS

The following actions should be used as a checklist based on the situation faced and the decisions made
by the CMT (some actions are also replicated in the individual roles and responsibilities in Appendix A).

Immediate actions

Focus area Action Lead person Complete?

Ensure the actions in this checklist are complete
[Insert name] ◻
for the immediate response.
Agree priorities Confirm the CMT’s response priorities and
timelines:
◻
 Business priorities as outlined on Page 3
 Recovery options for critical dependencies
(people, technology, data, premises and
service providers)
Confirm impact to colleagues (escalate /
communicate ◻
Safeguard
people as appropriate)
Confirm CMT response actions to safeguard
colleagues ◻
(including visitors to our premises).
Confirm owners of the i) action log (Appendix E), ii)
Set up logs and decision log (Appendix F) and iii) Situation Report ◻
report (Appendix B).
templates. Confirm recipients of the updates and send
Situation ◻
Report to all CMT members.
Protect Confirm contingency options for critical operations. ◻
operations and Confirm likely periods of delay and identify
◻
technology recovery strategies.
Assess
Confirm contingency / recovery / communication
immediate ◻
options if immediate deadlines could be missed.
deadlines
Communicate with deputies to:
Agree handover  outline the situation
procedures to  agree ways to handover information ◻
deputies  agree immediate working arrangements to
support the crisis response
Confirm additional individual response roles and
Confirm ◻
responsibilities based on the situation.
individual
Highlight any risks and issues concerning
response roles ◻
individual
roles.
Start proactive Agree immediate internal and external
communications ◻
communications
priorities.

Ongoing response:
 Following each CMT meeting, continue to review the above checklist for response actions.
 Confirm an individual or team whose responsibility it will be to consider how the situation could
progress / worsen based on the information available.
 Agree and reassess response actions and priorities for the medium term (ie next few days and
weeks).

7
Crisis Management
Plan

4. COMPLETE INTERNAL AND EXTERNAL COMMUNICATIONS

The crisis communications team will use the crisis communications plan; the below serves as a checklist
for the CMT: for each stakeholder group confirm i) how best to communicate, ii) a lead person and iii)
when to communicate.

When to
Stakeholder groups How to communicate Confirm lead(s)
communicate

(Company name or group of stakeholders e.g. (e.g. email, call,

TBC based on
regulators, customers, government, media webinar, bulletin) e.g. day 1, day 2
scenario
etc.) etc.

8
Crisis Management
Plan

5. COMPLETE POST INCIDENT REVIEW

We will complete a post incident review to identify areas for improvement.

Action Lead person Complete?

Confirm the crisis response can be handed over to BAU. ◻

Organise and lead a lessons learned exercise (with CMT members);

use the decisions and actions log as well as any other records and
experiences captured by those involved.
The review must include:
a) Summary of the incident / crisis
b) Strengths of the response ◻
c) Areas for improvement for the response (ie improvement
to plans, training on roles, clarity on decision making
etc.)
d) Additional training requirements
e) Investment needs
f) Timelines and owners for remediation activity
Continue to communicate with relevant stakeholders the status of the ◻
recovery and the changes resulting from the incident and the
recovery from it.
If required, commission an independent audit (internal / external) of ◻
the incident.

9
APPENDIX

A. Individual roles and responsibilities

10
e.g. Team Leader / Chair: [name + deputy]

The below is an example to highlight an appropriate level of detail for the role descriptions. The subsequent
pages provide blank templates for each role.

Focus area Action Complete?

Invoke the CMP based on known / potential impacts. ◻
Chair first CMT meeting (using CMT meeting agenda). ◻
Crisis
Confirm decision making authority (command and control approach) /
Manageme ◻
sign off
nt Team requirements based on the situation.
meeting Confirm the future schedule / cadence of CMT meetings. ◻
Chair future CMT meetings. ◻
Confirm short, medium and longer term business priorities based on the
◻
Business situation.
priorities Set short, medium and longer term timelines for response actions in
◻
agreement with CMT.
Update the Board with the i) latest situation, ii) impacts, iii) actions taken
Board updates ◻
and planned.
Confirm a deputy for your role based on the situation. ◻
Ensure individuals / deputies are comfortable with their roles. ◻
Allocate resources to specific areas of the response based on
◻
timeframes, skills requirements and subject matter knowledge.

Delegate decision making authority to a deputy for when you are not ◻
Roles available.
Assign a team or individual to look at i) the ways the scenario could
◻
progress in the short, medium and longer term and ii) the potential
risks / impacts.

Invite specialists (ie IT, HR, facilities, cyber security etc.) to provide
◻
updates or sit as part of the CMT as required.

Set the direction and define what success will look like for the
Strategy ◻
response (based on the situation).
Media Confirm the most appropriate spokesperson / people based on the
◻
communications details of
the scenario and the impacts faced.
End of incident Confirm whether we still need to operate as a CMT or whether we can
◻
decision de- escalate to BAU operations / recovery.

11
Crisis Management
Plan
e.g. Team Leader / Chair: [name + deputy]