Don't Silo Crisis Solutions

By Robert F. Littlejohn
Many organizations think they have good crisis plans in place when, in fact, their enterprise preparedness programs are fragmented into different silos with poor coordination, communication, and collaboration.
In my experience dealing with numerous global crises during the past 25 years, I have seen how silos cause problems. And recent research confirms why enterprise preparedness is critical to long-term profitability. In 2006, Oxford-Metrica research estimated that 83 percent of companies will face a crisis that will negatively impact the profitability of the company by 20 to 30 percent over the next five years. Another study conducted at Oxford University showed that shareholder value increased by 7 percent for companies that were prepared for crisis versus a decrease of 15 percent for companies not prepared for crisis.
Two recent incidents show how multinational organizations dangerously distribute their enterprise preparedness responsibilities across too many regions, facilities, and departments geographically. Problems such as these do, however, have a solution: vest enough authority in one position to oversee enterprise preparedness, and let it into the C-Suite.
The first case involves a supply-chain disruption. The site was located in Garwolin, Poland. It was the primary product manufacturing facility for Europe, the Middle East, and Africa. This region accounted for a significant portion of the company’s annual revenue.
The incident began with a few workers on the production line complaining of nausea and fatigue. An ambulance was called, and they were sent to the hospital. As the night progressed, more workers became ill and were taken to the hospital. The remaining workers left the facility and refused to return to work.
As the local leadership team arrived in the morning, the situation worsened, and the facility was closed. With the facility now shut down, global security was notified. Global security alerted both the corporate and regional crisis teams and responded to the scene.
In this company, the crisis management function was owned by the global security team, while business continuity and recovery were owned by the risk management group, and enterprise risk management was owned by yet a third unit, the audit team. 
At the scene, a fourth silo was local management, which headed the investigation, yet failed to identify the cause of the workers’ illness. After a few days, management reopened the facility without diagnosing the cause of the trouble, a serious error in judgment that might not have occurred if all of the aspects of crisis management had been centrally managed.
Workers returned, beginning with the night shift. After only a few hours, they again began to feel ill, and this continued throughout the night. The facility was again shut down.
Finally, with the second closure, the global crisis team—composed of the heads of legal, human resources, communications, finance, and security—was activated. The incident had finally been recognized as an enterprise-wide crisis, which was critical if the company was to avoid costly business interruptions and long-term damage to customer relations.
One problem created by the silo effect was that business continuity was a local operational responsibility without enterprise oversight and assistance. Now, on the fly, leaders scrambled to figure out how to source the products if the facility remained closed.
Meanwhile, it took two weeks to determine that an atmospheric problem may have caused gases to reenter the facility. After conferring with local government and various experts, the facility was incrementally reopened.
The limitations and failures in the enterprise risk functions were glaring. Although the company had a comprehensive crisis management program that extended to every region and facility, involved top leadership, and was updated and exercised, continuity and recovery were not part of the crisis management program: risk management owned them. Also, the enterprise risk area was owned by audit. This group was not represented in the solution process and failed to provide enterprise guidance or oversight for business interruption incidents.
This incident represented a serious threat to the brand since the company was unable to provide products to customers during a critical season. Local management had failed to conduct a deep dive into long-term consequences and the strategies needed to meet those consequences.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.