Mitigating and Responding to Risk
Here are some top-line tips for managing tough issues:
- Be prepared. No matter what your industry, there is a security “pain point” that you should consider.
- When creating a risk mitigation plan, be open to the input of others outside your company.
- But, ultimately, trust your own company’s experience, expertise and nuances to create a custom plan.
- Consider the entire company when developing a plan (not just managers or executives).
- Build an escalation plan into the infrastructure.
- Stick to the plan. Stay disciplined about what your messages are and who is responsible for delivering them.
- Choose a point person for media inquiries.
- Consider what your communications are within the company walls—and keep them consistent with external messaging.
- If you are working with a law enforcement agency, make sure to establish—clearly and early on—what their expectations are of your company.
- When working with multiple law enforcement agencies, reduce confusion or misinformation by keeping the points of contact to a minimum.
- Be conscientious about capitalizing on a “sensational” event. It may do more damage than good in the long run.
Seven Survival Strategies When the CEO Goes Rogue
Richard Levick, chairman and CEO of Levick and co-author of The Communicators: Leadership in the Age of Crisis, stresses that PR pros have to recognize that the rules have changed when it comes to corporate chieftains thinking they can say anything as long as it doesn’t offend the core constituency. Here are some steps to take when the CEO gets the company in hot water:
1. Determine the severity of the sin. There are a thousand “shades of grey,” and every case is different. But, the first question the company must ask itself, Levick says, is: “Can the CEO regain the trust of our consumers and stakeholders?”
2. Determine the Investor Relations (IR) response. Private companies usually have fewer audiences so there is more latitude. Public companies have an audience of shareholders to cater to, and their concerns need to be gauged and addressed by the board.
3. Determine whether the CEO’s brand can be distanced from that of the company. If the two can be reasonably separated, they should be via statements that the sin does not reflect the company’s values. If they can’t, a much more aggressive response is necessary.
4. Determine how the sin relates to the company’s brand. The same sin can be judged differently among different audiences, says Levick. “If Chick-fil-A’s most important markets weren’t in the Bible Belt, we would have seen a far more aggressive response.”
5. Determine how the sin’s timing affects its impact. Timing is everything—and sometimes timing demands a more aggressive response than would normally be called for.
6. Determine the cost/benefit of sticking with an embattled CEO. Sometimes, a CEO is so visionary and essential to success that the company can afford to take the temporary reputation hit that comes with standing by him or her, according to Levick.
7. Determine how much goodwill resides in the CEO’s trust bank. Has the CEO built up enough credibility and trust to be given the bene t of the doubt for one misstep?
A Communications Infrastructure Is Designed to Handle Questions Such As:
- What’s the issue?
- What needs to be said?
- What needs to be done?
- Who are we talking to?
- How do they prefer to see the message?
- How quickly can the message be disseminated?
Prepare for Problems Before You Have Them
Although it can be difficult to make the case to budget-conscious CEOs, spending dollars up front on communications planning and training will save money in the long term and help avoid a devastating reputational hit. Here are five guidelines to get you started:
- Find an attorney before you need one.
- Update your crisis communications plan to include protocols for reporting a data breach.
- Draft away.
- Train and practice, practice and train.
- Build a social media presence before a breach.