Pert 2 crisis management
-
Upload
sutawidjaya69 -
Category
Documents
-
view
515 -
download
0
Transcript of Pert 2 crisis management
INTRODUCTION
CRISIS MANAGEMENT
2
Crisis Management
To manage a crisis one first must understand that crises:
Occur abruptly
Cannot always be anticipated or forecast
May not occur within an issue category
3
Crisis Management
Basic Causes of a Business Crisis
1. Acts of God
2. Mechanical problems
3. Human errors
4. Management decisions / indecisions
4
The Nature of Crises
Crisis Definitions
A major, unpredictable event that has potentially negative results and its aftermath may significantly damage an organization and its employees, products, services, financial condition, and reputation.
A low-probability, high-impact event that threatens the viability of the organization and is characterized by ambiguity of cause, effect, and means of resolution, as well as by a belief that decisions must be made swiftly.
5
Crisis Management
How a Crisis Should NOT be Handled
Minimizing the issue
Stonewalling
Too little, too late
6
Types of Crises
EconomicEconomic
PersonnelPersonnel
PhysicalPhysical
CriminalCriminal
InformationInformation
ReputationalReputational
Natural disastersNatural disasters
7
Types of Crises
Outcomes of Major Crises
Escalated in intensity
Subjected to media and government scrutiny
Interfered with normal business operations
Damaged the companies bottom line
Resulted in major power shifts
8
Crisis Management: Four Stages
Prodromal Crisis StageWarning—precursorSymptom —precrisis
Prodromal Crisis StageWarning—precursorSymptom —precrisis
Acute Crisis StagePoint of no return
Crisis has occurred
Acute Crisis StagePoint of no return
Crisis has occurred
Crisis Resolution StagePatient is well/whole again
Crisis Resolution StagePatient is well/whole again
Chronic Crisis StageLingering on—perhaps
indefinitely; period of self-doubt; self-analysis
Chronic Crisis StageLingering on—perhaps
indefinitely; period of self-doubt; self-analysis
Learning
Figure 6-8
9
Pattern of a Poorly-Managed Crisis
Early indications that trouble is brewing occur.
Warnings are ignored / played down.
Warnings build to a climax.
Pressure mounts.
Executives are often overwhelmed or can’t cope.
Quick-fix alternatives look appealing. Hasty moves create trouble.
Clamming-up versus opening-up options present themselves.
Most firms choose the former.
A siege mentality prevails.
10
Managing Business Crises
Fink’s Three-Stage Model
1. Identifying the crisis
2. Isolating the crisis
3. Managing the crisis
11
BusinessWeek’s Five Steps in Managing Crises
1. Identify areas of vulnerability
2. Develop a plan for dealing with threats
3. Form crisis teams
4. Simulate crisis drills
5. Learn from experience
Managing Business Crises
12
Monsanto’s 10R’s for Handling Public Policy Crises
Respond early Recruit a credible spokesperson Reply truthfully Respect the opposition’s concerns Revisit the issue with follow-up Retreat early if it’s a loser Redouble efforts early if it’s a critical company issue Reply with visible top management Refuse to press for what is not good public policy Repeat the prior statement regularly
Managing Business Crises
13
Managing Business Crises
Augustine’s Six Stages of Crisis Management
1. Avoiding the crisis
2. Preparing to manage the crisis
3. Recognizing the crisis
4. Containing the crisis
5. Resolving the crisis
6. Profiting from the crisis
14
1. Identify crisis communication team
2. Identify key spokespersons
3. Train your spokespersons
4. Establish communications protocols
5. Identify and know the audience
6. Anticipate crises
7. Assess the crisis situation
8. Identify key messages to communicate
9. Decide on communication methods
10. Be prepared to ride out the storm
Crisis Communications
15
Components of Crisis Plans
Media communications 99%
Employee communications 98%
Crisis management team 94%
Communications with elected officials 86%
CEO / senior executive involvement 82%
Documentation / written policy / handbook 81%
Website communications 77%
16
Be First, Be Right, Be Credible
Be FirstBe First
Be CredibleBe Credible
Be RightBe Right
Get message out first to controlcontent and accuracy
Get message out first to controlcontent and accuracy
Be open, honest, and speak withone consistent voice
Be open, honest, and speak withone consistent voice
Say and do the right thingSay and do the right thing
17
Benefits of Crisis Management
Fewer disruptions to every life for consumers, employees, and citizens
Preparing for one type of crisis may be beneficial when other types of crises strike
BUSINESS CONTINUITY PLANNING: WHAT IT IS?
SESSION 2
18
Last Overview – Session 1
Krisis tidak bisa menjadi pilihan yang dapat ditolak oleh organisasi. Krisis hidup dan terus berkembang seiring dengan lajunya organisasi dan lajunya komunikasi organisasi tersebut.
Ketika krisis muncul maka peluangnya adalah memanage krisis tersebut menjadi lebih terkendali.
19
Your Company Is Complex
Infrastructure Buildings Equipment IT Network
Records IT Paper
Supply Chain Operations
Employees Cash Flow
CustomersProductsServices
Loss Of One System Stops Your Cash Flow
Infrastructure Buildings Equipment IT Network
Records IT Paper
Supply Chain Operations
Employees Cash Flow
CustomersProductsServices
OR
An Ounce Of Prevention, What Is It Worth?
PANICS
MANAGE TOGETHER
Peristiwa-peristiwa yang mengganggu Kesinambungan
Bisnis
23
External Threats
Fires
Utility outages• Electricity
• Gas
• Water
Natural • Tornados• Floods
• Hurricanes
Man-Made• Water main breaks
• Terrorist attack
• Overturned truck with hazardous load
• Building damage
Internal Threats
Hardware
Computer viruses
Software
Lack of IT security
Faulty IT infrastructure
Coffee pot
Negative employees
Building problems
Electrical wiring
Water damage
Internal environment
Lack of physical security measures
Why Should You Care?
Crisis Prevention
Statistics are harsh
Customer retention
Employee safety and loyalty
Vendor commitment
Cash flow protection
Business Continuity Plan
Bagi perusahaan memiliki sebuah BCP dipandang sebagai sebuah jaminan kebijakan yang memberikan kontribusi pada “good governance”-nya sebuah bisnis.
Industri jasa keuangan adalah terdepan dibanding industri lainnya dalam persyaratan BCP yang up todate dan tested. Regulasi-regulasi ini ditegakkan dengan audit-audit internal dan eksternal dan dalam kasus-kasus ekstrim dengan berbagai sanksi dan denda.
27
Business Continuity Plan
Beberapa badan regulasi tertentu mengawasi persyaratan mutlak untuk BCP di negara-negara yang berbeda.
Di AS, ada US Federal Reserve Board yang melakukan tugas ini.
Di Singapura, ada Monetary Authority of Singapore (MAS) dan
Di Hong Kong ada Hong Kong Monetary Authority (HKMA).
28
Business Continuity Plan,What Is It?
BCP dirancang untuk melindungi proses bisnis yang kritis dari kegagalan/bencana alam atau yang dibuat manusia dan akibatnya hilangnya modal dalam kaitannya dengan ketidaktersediaan untuk proses bisnis secara normal.
BCP merupakan suatu strategi untuk memperkecil efek gangguan dan untuk memungkinkan proses bisnis terus berlangsung.
Peristiwa yang mengganggu adalah segala bentuk pelanggaran keamanan baik yang disengaja ataupun tidak yang menyebabkan bisnis tidak bisa beroperasi secara normal
Business Continuity Plan,What Is It?
Your organization’s:• Untuk memperkecil efek berbagai peristiwa yang
mengganggu pada perusahaan
Tujuan BCP yang utama adalah untuk mengurangi risiko kerugian keuangan dan meningkatkan kemampuan perusahaan dalam proses pemulihan sesegera mungkin dari suatu peristiwa yang mengganggu.
The BCP consists of three major elements
31
The BCP consists of three major elements
1. The Prevention Plan is developed to minimize the potential for a disaster (or crisis) to occur
2. The Emergency Response Plan is developed to ensure employees know how to respond when they discover a potential disaster, or when and how to evacuate the building if necessary and who and how to assess the damage.
3. The Business Resumption Plan is developed to minimize the impact on the organization — by minimizing the length of time a business interruption lasts and providing procedures to use in resuming business operations.
32
Pengembangan BCP
Ada empat element atau langkah-langkah dalam membangun sebuah BCP yang baik, meliputi:• 1. Pembuatan Cakupan dan Rencana. Tahapan ini
menandai dimulainya proses BCP. Hal yang dilakukan adalah membuat lingkup dan elemen lainnya yang diperlukan untuk menentukan parameter dari rencana.
33
Pengembangan BCP
Ada empat element atau langkah-langkah dalam membangun sebuah BCP yang baik, meliputi:• 2. Business Impact Assassment (BIA). Proses ini
dilakukan sebelum membuat Disaster Recovery Plan. BIA digunakan untuk membantu unit bisnis memahami dampak dari bencana; meliputi pelaksanaan analisa risiko dan menentukan dampak terhadap perusahaan jika potential loss yang teridentifikasi oleh risk analysis sungguh-sungguh terjadi.
34
Pengembangan BCP
Ada empat element atau langkah-langkah dalam membangun sebuah BCP yang baik, meliputi:• 3. Pembuatan Business Continuity Plan. Tahapan
ini menggunakan informasi yang didapat pada proses BIA untuk mengembangkan business continuity plan yang sebenarnya. Proses pengembangannya adalah meliputi rencana implementasi, rencana pengujian, dan pemeliharaan rencana yang dijalankan.
35
Pengembangan BCP
Ada empat element atau langkah-langkah dalam membangun sebuah BCP yang baik, meliputi:• 4. Persetujuan dan Implementasi. Proses ini
terdiri dari mendapatkan persetujuan akhir dari manajemen senior, penyiapan sebuah program awareness korporat dan menerapkan prosedur pemeliharaan untuk meng-update rencana sesuai dengan kebutuhan.
36
Plan Topics
Risk identification• improvement• Management
Business resumption
IT contingency plans
Crisis management• Emergency
preparedness• Communication• Evacuation
Plan maintenance
Management Plan
Subsidiary plan umbrella:• Delineates how the subsidiary plans work together• Designates ownership of subsidiary plans
Functions:• Defines the business process• Identifies rules and processes for change
management and plan maintenance• Establishes the timeline and methodologies for testing
the plan
Subsidiary Plans
Information Technology
Crisis Management
Business Resumption
Information Technology Plan
Consists of two functional plans:• Disaster Recovery
• Restoration of electronic business data • Restoration of Key IT systems
• Cyber Incident Response Plan
• Detection and response to Viruses, Hackers, or other Cyber threats
Crisis Management Plan
Consists of three functional plans:
• Communications Plan • Internal and external communications and relationships
• Process
• Evacuation Plan • Shelter – in – Place vs. Building evacuation • Employee accounting
• Emergency Preparedness• Mitigation
• Management
Business Resumption Plan
Manages the organization’s operations from a disruptive event through “business as normal”
Evaluates resource and asset needs
Procedural changes
Process Overview
1. Organizational overview
2. Business Impact Analysis (BIA)
3. IT evaluation
4. Risk assessment
5. Services selection
6. Procedure management
7. Crisis management
8. Change management
9. Plan maintenance
It will not happen to me
We can make it through
We have backups
We have business interruption insurance
It will be too costly
We don’t have the time
Common Misconceptions
It Will Not Happen To Me
1/3 of all companies experience a major disruption each year
You have a 25% chance of a data disruption that lasts over 24 hrs
33% of SMEs that had a disaster recovery plan, used it
Year Date Title Disaster Number
Major Disaster Declarations in NJ
2005 04/19 Severe Storms and Flooding 1588
2004 10/01 Tropical Depression Ivan 1563
2004 07/16 Severe Storms and Flooding 1530
2000 08/17 Severe Storms, Flooding And Mudslides 1337
1999 09/18 Hurricane Floyd 1295
Emergency Declarations in NJ
2003 09/23 Power Outage 3188
2003 03/20 Snowstorm 3181
2001 09/19 Terrorist Attack Emergency Declaration 3169
1999 09/17 Hurricane Floyd 3147
1999 09/17 Hurricane Floyd 3148
We Can Make It Through
43% of companies experiencing disasters never recover
Most that suffer a catastrophe are out of business in 2 years
Data not restored in 48 hrs, 50% chance of closing in 2 years
• 72 hrs, 95% chance of closing in 2 years
Normal misconceptions• 66% of business executives believe they will resume
normal operations within 24 hrs
• IT executives believe they will resume normal operations within 3 days
We Have Backups
75% of backups are unusable when needed
2:30 A.M.Your data just got wiped outYou grab your backups but…
Your systems are gone!Where is your business now?
Think clearlyThink beyond backups
We Have Business Interruption Insurance
Does not protect you• Does not stop you from losing customers• Does not stop your vendor’s bills• Does not give you a place for resuming business
• Does not keep your cash flow flowing
Is good to pay for services needed to get back running
It Will Be Too Costly
Crisis prevention is surprisingly affordable
We focus on you, our customer, and on your bottom line
Our holistic approach is streamlined for companies your size
We Don’t Have The Time
We use a simple, non-intrusive, approach
Our holistic approach to keeping you in control includes:• Assessing existing risks and weaknesses
• Designing a solid crisis prevention & business continuity plan
• Factoring future company and systems expansion
Let’s Get Started
Your company is the center of a very unique world: when you are safe, all are safe. Isn’t that what it’s all about?
Appropriate Systems, LLC works with you to create your ounce of prevention.
QuestionsThank You For Your Time