Customer Experience

Crisis management: plans are important – but seldom enough on their own

When a global pandemic strikes, it’s of course essential to have all the necessary crisis-management and business continuity plans in place. But the sheer unpredictable nature of a pandemic means they will unlikely be effective without a culture of adaptability and flexibility…

By Michelle Griffey, Chief Risk Officer, Communisis


As the restrictions placed on us all by the Covid-19 lockdown begin to ease, and as we begin to edge, slowly, to some semblance of normality, it’s important to look back at how well prepared we were for this hugely unexpected ‘black swan’ event – how well we responded and what we might do differently if placed in a similar situation again. 

As risk specialists, this is an essential part of our role – not only so we can learn from what we could have done better and adapt accordingly, but also to ratify some of the plans and processes we had in place.

Like many large organisations, at Communisis we had in place all the resilience models, business continuity processes and crisis plans that you would expect. But, while these plans and processes proved incredibly important – what this pandemic has confirmed for me is that they will only be impactful if they are supported by a culture and approach that is completely dynamic, reactive and flexible.

Plans on pieces of paper are necessary. But a workforce culture with the mindset to adapt and amend those plans on an almost minute-by-minute basis is essential to their success.

A good example of this has been how we adapted operational plans across all of our sites during the crisis. Prior to Covid-19 breaking, we of course had fully prepared pandemic plans in place for a disruption to any of our sites.

However, it quickly became apparent to us that this was not the type of issue that would disrupt a specific site. It was a global issue that would impact every one of our offices, factories and warehouses. We watched as this pandemic advanced across the world. We watched it move towards the UK through our offices in Italy, then through Spain – and it was clear this had the potential to disrupt all our sites at once.

It was essential therefore, that we were able to take a dynamic, real-time view of the specific disruptions at every one of our sites, every day, and redirect work and resources accordingly.

To help with this, the Communisis incident management process was invoked at the highest level and we moved to almost constant contact between the crisis management team – so we could pre-empt needs rather than wait for a disruption to occur and then attempt to respond.

At a practical level, as we saw Europe being impacted, specifically Italy, we undertook risk assessments across all areas to understand the impact of a 20% reduction in workforce, asked all staff to do a work-from-home test on a specified day to assess IT system capability, and then put in place a mandatory work-from-home requirement for office staff. This was done more than a week before the government advice told us to work from home. Advice and guidance was also given to home-working staff on use of IT to maximise connectivity (such as Skype outside of VPN), ensure security and cyber threat awareness (such as phishing) and to maintain wellbeing (through virtual team events). Regular staff communications were put in place, including through question-and-answer sessions that delivered consistent messaging from the top, to give confidence and stability.

Our flexibility and adaptability also allowed us to quickly and effectively put other measures in place. Moving all non-production staff away from the critical production sites allowed focus to be placed on these areas and changes were made to enable social distancing – including staggered shifts, as well as additional cleaning and hand sanitising units. Sickness was then monitored across all production areas and work balancing was implemented.

Being in a pre-emptive P1 (Crisis) Incident, reporting went into the Board daily around IT performance, sickness and supply chain, as well as any other operational issues that needed to be addressed. Changes were made to the sick-pay policy to ensure no individual would feel the need to come onto site when ill, and all vulnerable staff were protected.

In order to keep clients informed, the Communisis Incident Bulletin Board was implemented as a client facing tool – communication is critical and proactively doing so helps build confidence while allowing Communisis staff to concentrate on maintaining service.

While the pandemic is a good example of Communisis invoking its incident management process, this forms part of our wider Risk Framework aimed at building a resilient business to support our clients. Without strong risk registers and an understanding of risk management at all levels, the teams would not have been in a position to understand where there might be pinch-points and additional risks. Nor would we have so quickly been able to consolidate a company-wide view of the potential impacts of the pandemic and make changes to process so quickly while maintaining effective controls.

All of these activities combined to help us navigate a truly disruptive period for our business and for our clients, one which is not over yet.

But the overriding takeaway I have from this period is that none of these measures would have worked had we not had the adaptable, responsive and flexible culture.

I often say that the best risk teams will always tell you that a tick-box exercise is seldom enough. A truly effective risk response is built on the mindset of the people involved. Our response to Covid-19 has certainly shown that to be true.  


We use cookies to ensure that we give you the best experience on our website. By continuing to browse the site you are agreeing to our use of cookies.

Find out how we use cookies