Incident vs Crisis

What’s the difference between an incident and a crisis?

Not every incident/event is a crisis, but it can have the potential to become a crisis if not handled appropriately.

For example, a stolen laptop that is quickly excluded from connecting to the network would be classified as an incident. 

If the laptop were to be used to connect to the network and steal personal customer data you could very quickly be in “crisis mode” and dealing with a very damaging event in public.

CEN / TS 17091 defines a crisis as an “unprecedented or extraordinary event or situation that threatens an organization and requires a strategic, adaptive, and timely response in order to preserve its viability and integrity”.

The standard includes a section on principles for crisis management which serve as a good guide for the management of any incident that has the potential to become a crisis. 

They are:

  1. a) seek understanding of the situation.
  2. b) achieve control as soon as possible.
  3. c) communicate effectively, both internally and externally.
  4. d) be prepared with clear, universally understood structures, roles, and responsibilities.
  5. e) build situational awareness through good information management and coordinated working.
  6. f) have a clear and well-rehearsed decision-making and action-driving process in line with the core values and objectives of the organization.
  7. g) implement effective leadership at all levels of the organization.
  8. h) ensure people with specific crisis management roles are competent through appropriate training, exercising, and evaluation of their knowledge, skills, and experience.

 

Incident Management starts well before an incident occurs. You need to consider what types of incidents are likely to occur and develop “trigger criteria” which if met will mean specific plans to address that type of incident are invoked.

 

Summary

Hopefully you now have a better understanding of the key differences between an incident and a crisis, and the potential impacts of both on your business.

To find out more about incident management and how best to prepare yourselves in the event of crises, request a copy of our free White paper on Risk Management and Operational Resilience.

Recent News

Table Tennis Ireland Logo

Table Tennis Ireland Chooses CalQRisk to Optimise their Governance Strategy

Table Tennis Ireland have onboarded the CalQRisk solution to better their approach to board and committee meetings. Table ...
Read More

CalQRisk Shortlisted as Best in RiskTech at the 2024 CIR Risk Management Awards

CalQRisk has been shortlisted for the RiskTech category in the CIR Risk Management Awards in 2024. The Risk ...
Read More
business meeting

Reviewing Risk – A Framework Idea 

The Institute of Risk Management describes Enterprise Risk Management (ERM) as “the overall philosophy that consolidates the management ...
Read More

Ten Things to Learn from Managing an Incident 

Incidents, while often complex and challenging, provide valuable learning opportunities that can enhance an organisation's resilience and strategic ...
Read More

Are you Doing Control Testing in your Organisation?

Regulators, boards, auditors, and other stakeholders all have an increased focus on controls (and their effectiveness) so how ...
Read More
Blue Ocean Logo

CalQRisk Announces a Strategic Partnership with Blue Ocean Reinsurance Group

CalQRisk, a leading provider of governance, risk, and compliance (GRC) software, is thrilled to announce a strategic partnership ...
Read More
laptop and writing in notebook

Minimum Competency Code – ‘And miles to go before I sleep’

The 1st October 2024 effective date for the expansion of the scope of the Minimum Competency Code 2017 ...
Read More

Decoding the Digital Operational Resilience Act (DORA): CalQRisk’s Jargon Buster

Navigating the complexities of regulatory compliance can be daunting, especially with evolving digital landscapes. Enter the Digital Operational ...
Read More

Ten Things to Learn from Managing an Incident 

Incidents, while often complex and challenging, provide valuable learning opportunities that can enhance an organisation's resilience and strategic ...
Read More

Navigating Risk: A Strategic Approach to Risk Management 

In the vast ocean of business, navigating through turbulent waters demands more than just a sturdy ship; it ...
Read More