Imagine your organization goes through an event that causes irreparable damage and you discover that the situation could have been avoided or addressed better. Many times, organizations may prevent a crisis by managing small situations and incidents in a timely manner. They can also mitigate the effects of a crisis, even if its occurrence could not be stopped. This can be done by implementing processes and procedures for preventing, preparing for, and responding to a crisis, which constitutes crisis management.
A crisis is an abnormal event that threatens the continuity of an organization’s operations and may even lead to its collapse. These events may have natural causes or may be man-made, e.g., natural disasters, environmental issues, terrorism, cybersecurity breaches, and employee misconduct. A crisis can occur abruptly or may emerge from small incidents that have not been addressed or have been managed inappropriately. By improving their crisis management capability, not only can organizations prepare for and prevent crises, but they can also manage crises more effectively and learn from them by identifying opportunities for improvement.
What is ISO 22361?
The ISO 22361 standard provides guidance for organizations to develop, establish, maintain, monitor, and continually improve a strategic crisis management capability. In addition, it outlines principles and practices needed to identify and manage a crisis.
ISO 22361 recommends that organizations adopt a structured approach to crisis management by establishing a framework for crisis management based on leadership, structure, culture, and competence, and adhering to principles for crisis management: governance, strategy, risk, decision-making, communication, ethics, and learning.
Moreover, the standard describes the crisis management process, which consists of seven steps: anticipation, assessment, prevention and mitigation, preparedness, response, recovery, and continual improvement.
ISO 22361 guidelines can be helpful in identifying and managing for any organization, regardless of their type, size, or industry. The standard is especially intended for organizations’ top management, who have strategic responsibilities for establishing and improving a crisis management capability, and those who work under the control of the top management.
