Incident vs Crisis

Not every incident/event is a crisis, but it can have the potential to become a crisis if not handled appropriately.

For example, a stolen laptop that is quickly excluded from connecting to the network remains an incident. If the laptop were to be used to connect to the network and steal personal customer data you could very quickly be in “crisis mode” and dealing with a very damaging event in public.

CEN / TS 17091 defines a crisis as an “unprecedented or extraordinary event or situation that threatens an organization and requires a strategic, adaptive, and timely response in order to preserve its viability and integrity”.

The standard includes a section on principles for crisis management which serve as a good guide for the management of any incident that has the potential to become a crisis. They are:

  1. a) seek understanding of the situation.
  2. b) achieve control as soon as possible.
  3. c) communicate effectively, both internally and externally.
  4. d) be prepared with clear, universally understood structures, roles and responsibilities.
  5. e) build situational awareness by good information management and coordinated working.
  6. f) have a clear and well-rehearsed decision-making and action-driving process in line with the core values and objectives of the organization.
  7. g) implement effective leadership at all levels of the organization.
  8. h) ensure people with specific crisis management roles are competent through appropriate training, exercising and evaluation of their knowledge, skills and experience.

 

Incident Management starts well before an incident occurs. You need to consider what types of incidents are likely to occur and develop “trigger criteria” which if met will mean specific plans to address that type of incident are invoked.

To find out more about incident management and how best to prepare yourselves in the event of crises, request a copy of our free White paper on Risk Management and Operational Resilience.

Recent News

forward thinking imagery

Incident vs Crisis

Not every incident/event is a crisis, but it can have the potential to become a crisis if not ...
Read More
Logging in to attend a CalQRisk webinar

Operational Resilience vs Business Continuity 

At first glance, you might think Operational Resilience is just Business Continuity (BC) by another name, but there ...
Read More
Central bank of ireland building

Assessing your Outsourcing Governance Framework

In March 2022, the Central Bank of Ireland fined BNY Mellon Fund Services €10.78 million for 16 regulatory ...
Read More
laptops on a table doing risk reports

Cybersecurity – What are the risks?

With changes to working culture, and more people working from home than ever, businesses can see the importance ...
Read More
IWD2022 employee spotlight

International Women’s Day Spotlight – Fiona Kiely

It's International Women's Day and today we would like to shine the spotlight on our very own Fiona ...
Read More
risk assessment

10 Key Steps to getting Operational Resilience off the ground

It can seem daunting to begin a brand-new process for your business. However, risk assessments are an easy ...
Read More
CalQRisk and CUMA

CalQRisk at CUMA Spring Conference

CalQRisk will be attending the CUMA Spring Conference & AGM 2022 – “Changing Landscapes” The conference takes place ...
Read More
regtech 100 2022 badge

CalQRisk included in the RegTech 100 List

Now in its fifth edition, the list recognises the world’s most innovative technology solution providers that offer products ...
Read More
risk management cogs and gears of plan

Thematic Review of Risk Management Maturity – Summary of Key Findings

Thematic Review of Risk Management Maturity – Summary of Key Findings Earlier this year, the Central Bank of ...
Read More
Sunday Business Post Logo

Business Post – Improving the Odds

We were delighted to be featured in the Business Post recently. In the article, our CTO discussed the ...
Read More