The following article on incident response planning was written by Mike Hicks, CMO, Igloo Software, and was originally published on Igloo's corporate blog, Work Rewired.
I’ve been watching Chernobyl on HBO and I can’t stop thinking about it. There are so many aspects to mull over, but I keep coming back to one main theme: planning. Or the lack thereof. Sadly, just about everything that happened that day could have been prevented with proper planning.
And by the way, let’s include communication under that “planning” heading – because good communication is at the heart of every great incident response plan. Once the initial explosion occurred, a lot of secondary damage could have been contained through a well-considered incident communication strategy.
Before I carry on, let’s take a second to clarify a few things. How do you define an “incident”, anyway? It’s one of those words that can mean just about anything if you don’t get specific.
A quick internet search will tell you that when it comes to an “incident response plan,” businesses are thinking about a range of things, from epic (if not quite Chernobyl-esque) disasters like floods, earthquakes, and cyber attacks, to less grandiose (but still significant) technical issues that cause downtime for customers.
At Igloo, we take incident response planning very seriously, and have built detailed plans for all these scenarios, then tested, refined, and rehearsed them.
Obviously, not all incidents are equal. Today, we’ll focus on the most common types: the ones that disrupt or reduce your ability to service your customers, such as power outages, network downtime or software glitches. These may not always be the most scintillating incidents, but for most businesses, they’re the kind that employees will probably have to deal with sooner or later.
Handled poorly, they can be your organization’s downfall. Handled well, they can actually improve the way customers feel about your brand, boosting both trust and loyalty.
Get started: Incident response plan template
So how do you plan for trouble? You map out all the key things you’ll need to do and address, no matter what causes the issue. An incident response plan template is a great place to start. A solid template will ensure you have all the key factors covered, so there are no questions about how to handle things when they inevitably do crop up.
To help you get started, have a look at this incident response template. It’s based on the one we use here, but I think you’ll find it useful as you build out a plan that’s tailored to your own unique requirements.
Your template needs to cover a range of issues, but you don’t want it to be unwieldy. It’s there to serve a critical purpose, so it needs to be easy to understand and easy to follow for everyone. You’ll want to track who’s read it and test to make sure they understand their role inside and out.
What your incident response plan template should cover
In addition to downloading the template and modifying it to suit your requirements, one helpful way to ensure you’re covering all the bases is to use the old journalist’s trick: think Who, What, Where, When, How, and Why.
- Who: Who can trigger an incident report? Who must be notified, both internally and externally? (For example: depending on the severity, do you need to alert all customers? The media?) Who’s responsible for what action in the resolution process? Who’s leading the charge?
- What: What defines an incident? What defines a particular incident’s severity? NB: You’ll likely want to use a scale to rate each issue. What if there’s a dispute over the severity? What’s the workflow you’ll use for resolution? What are the steps that must be followed?
- Where: Where do you find the tools and assets you may need to use in the resolution process?
- When: How quickly must you react, depending on the type and severity of incident? When is this kind of issue likely to occur again?
- How: How do you resolve each kind of incident? How do you communicate (internally and externally) at each step of the way?
- Why: Why did this happen, and what can be done to prevent it from happening again?
How values fit into the equation
That brings us to our final point. Knowing that the best plans plan for the unplannable, it’s a great idea to map out your values to help ensure your people stay on track if they do have to address something you didn’t (or couldn’t) see coming.
For example, at Igloo, we believe in these guiding principles when it comes to incident communication:
Customers shouldn’t be left waiting and wondering when there’s something going on.
We define exactly how often we need to be in touch according to an incident’s priority level. And we stick to it.
Customers shouldn’t have to guess at what’s happening. Avoid jargon. Give them the straight goods.
For example: If we’re going out across a number of channels with an update on a service disruption, we’re careful to tell the same story regardless of the format, so there’s no room for confusion.
A little empathy goes a long way. When we’re at fault, we apologize, and make it clear that we understand the impact our customers are experiencing.
Nothing good comes from a coverup.
Incidents that impact your ability to effectively serve your customers aren’t usually a matter of life or death. Thank goodness. But how you handle them can make or break your business. That’s why there’s no better time than right now to get your incident response plan locked down.
And stay tuned for a follow-up post, where we’ll talk about how to set up an incident zone inside your digital workplace.