Accidents and mistakes are part of being human.
You cannot get through life without tripping and skimming your knee at least once, and you will disappoint someone by forgetting something.
Equally, a business cannot exist without facing crises now and then.
Mistakes, misunderstandings, accidents, product failures and employee misconduct are all risks that organizations face regularly. Although they’re nearly impossible to avoid, they can be managed.
If key people in your organization are well prepared and vigilant, you can foresee potential risks and prevent many of them from escalating into major crises. If managed especially well, few outside your crisis response team will even know anything happened.
A carefully compiled crisis communication guide can literally save your business when the inevitable occurs.
The key to remember is that there’s no universal crisis handbook you can order and put on your shelf.
Every business is different, and what you’ll need in your response plan will require careful research, documentation and frequent revision. It must also be flexible and evolve with your business.
If you’re anxious because you don’t have an up-to-date crisis guide, it’s OK. Here are three steps you can take right now that will kick-start your planning before a crisis strikes.
List your vulnerabilities
The only way to be prepared for a crisis, or perhaps avoid one altogether, is to have an understanding of the types of crises you might face.
This list will be unique for every organization.
For example, if your business requires employees to use dangerous machinery or chemicals, your risks will differ from those of a business dealing with online sales.
Some general risks to start with include: systems outages (order processing or email), product failure, human error, dissatisfied customer reviews or social posts, employee misconduct, lawsuits and communications faux pas.
Furthermore, look at any crises you have dealt with in the past. Though you may have permanently resolved some of them, others might well pop up again.
After making your initial list, group vulnerabilities into types, such as Personnel, Customer, Legal, Financial, etc. Ensure that the list is as thorough as possible by collaborating with key parties in your business who have other perspectives to add.
Chart your primary contacts
When a crisis hits, you must immediately get the word out to the right people across your organization. That means knowing in advance whom to inform.
Create a chart listing the key contacts in the event of a crisis. Start at the top of your company, and then categorize people into escalation groups.
List those who should always be informed immediately, such as your head of communications (perhaps that’s you). Then, categorize other essential people who may need to be involved on a situational basis, such as your legal team, senior executives, heads of information security and IT, sales leaders, etc.
Although your list of contacts must be thorough, you should be judicious when involving people during the actual crisis. You want to take as few people as possible away from their daily work. Plan well, but carefully select the response team based on the requirements of the crisis.
Audit your communications channels
With certain crises, you should halt your usual daily chatter on social media or post an update on your website’s home page. It’s important to know how to make that happen quickly.
Most companies have multiple—and possibly dozens or even hundreds of—social media accounts, websites, customer lists, vendor lists, partner lists, media lists and other public-facing communications channels.
You’ll want to work with the people you normally trust on these channels to respond to questions and post information. Don’t replace them with a senior spokesperson who is unfamiliar with the nuances of your channels and their audiences.
Compile a list of all of your current communications channels, as well as the key contacts for those channels. You don’t have to hold all the passwords (those change), but you must know whom to contact.
If you’ve prepared properly, everyone will know exactly what procedures to follow, and you won’t find yourself scrambling at the last minute.
Don’t forget, though: Every crisis communications protocol needs a backup plan.
If you have one person in your business who manages all your social media channels and holds the passwords, make sure they have a well-informed backup who can handle situations when they’re off camping in the Great Smoky Mountains—with no cellphone reception.
Bonus tip: Regularly revisit the plan
Information gets outdated very quickly. Set a schedule to re-audit your vulnerabilities, key contacts and communications channels frequently.
That can be time-consuming and difficult to monitor; share the burden.
Everyone who manages a responsibility or channel should be responsible for keeping others up to date on contact information and personnel changes.
Also, remember that there is no better time to update your crisis guide than right after each crisis. As communicators, we learn something from every incident that will make crisis management easier “next time.”
The above suggestions are great starting points for your crisis communications plan, but don’t stop there. Keep the momentum going, and build it out. It should grow and evolve as your business ages and as you learn from occasional crises.
A version of this article originally appeared on the Beyond PR blog.