Fuente: Harvard Business Review
Autor: Eric J. McNulty y Leonard Marcus
Complex, fast-moving threats to organizations can happen at any time. Disruptions from severe weather events, to cyber-attacks, to active shooter incidents can strike from outside, and there is no shortage of self-inflicted internal jeopardies, whether the act of a rogue individual or a toxic culture, that can also wreak havoc. Witness the scandals at Boeing, Peudue Pharma, and Facebook among others as well as the many #MeToo incidents of sexual harassment.
Yet, according to recent research by the National Association of Corporate Directors, almost half of respondents reported that their focus on known risks was a barrier to understanding and preparing for threats that are hard – or impossible – to predict. Furthermore, fewer than 20 percent of respondents felt confident that management could handle such risks.
When companies seem ill-prepared in the face of a crisis, the first question people ask typically is, “Where was top management?” It is quickly followed by, “Where was the board?” particularly when the problem involves the CEO or another senior executive.
Ideally, boards should dedicate a block time each year to better understand and prepare for major threats to the business. This should be considered integral to their fiduciary duty to represent the shareholders who inevitably will pay for the consequences of a poorly handled disruption. But given that most board agendas are already packed more tightly than a subway car at rush hour, attention to crisis preparedness tends not to get much attention. Often, it is only after the fact, when a board is consumed with repercussions it could have ameliorated, that preparing for a crisis suddenly seems important.
In our more than 15 years of researching and teaching crisis leadership, we divide crises into two phases: The event itself, and the response to it. Most stakeholders – customers, investors, employees – are sympathetic when a company is hit by a hard-to-avoid disaster; they are less forgiving if the response is poor or panicked; if measures that could have been taken beforehand to mitigate effects were ignored; or if leadership downplays the impact of the situation. There is little patience or sympathy for an avoidable disaster within a disaster.
Strategic response
To reduce this sort of toxic fallout, management and boards should pursue two strategies: The first is to ensure that the company is prepared to handle the likely threats it could face; the second is to prepare the board itself to act, if needed.
We have worked on crisis leadership with Schlumberger, the global energy services company, for more than seven years. Given its sector and global footprint, the company faces a wide range of threats, including industrial accidents, geopolitical unrest, activist protests, and terrorist attack. Over the years of our engagement, we have helped the company develop a board-supported approach to crisis leadership and management that now permeates the culture.
At the root of this program is a fundamental corporate commitment to the company’s health, safety, and environment (HSE) function as a core differentiating competency. Rather than viewing these activities as compliance costs, Schlumberger views them as investments in its three most important assets: its people, its reputation, and its ability to operate.
Costs are managed down. Investments, on the other hand, are expected to produce a return. To that end, outcomes on a variety of HSE metrics are key performance indicators. When the company discovered that motor vehicle-related accidents were the number one cause of employee fatalities worldwide, it launched a multi-pronged initiative to address the problem that included a driver education program and a trip management system to monitor routes, driver fatigue, and more. Employees are forbidden to use their telephones in a vehicle—even in hands-free mode, and they may be terminated for failing to wear a seatbelt even once, no matter their rank. For a range of potential field operational risks, employees are fully empowered to put safety ahead of short-term speed or cost considerations. Such a rigorous approach prompts employees throughout the organization to look for and preempt risks both large and small.
The next layer of this risk management strategy is having well-trained emergency management teams at the local level, complemented by regional and corporate crisis management teams for incidents that cannot be resolved locally. These teams instruct managers about the risks they face as well as the steps to mitigate them and, if necessary, respond. The expectation is that any incident will be managed as close to the source as possible. This multi-level structure motivates risk avoidance and minimizes impact when something does go wrong.
Our work has been with the regional teams to ensure global consistency of crisis leadership principles, practices, and vocabulary. In a company where individuals change roles and geographic locations frequently, this consistency lowers the risk of slow or disjointed responses.
The board’s role has been to provide consistent support for the extensive assessment, training, and monitoring necessary for the company to remain risk ready, even when there are immediate pressing challenges to address. For example, when oil prices plunged in 2015 and 2016, a 75% drop from their high in June 2014, there was intense pressure to cut costs. Eventually, Schlumberger undertook a significant restructuring. Despite this turbulence, the company continued to invest in safety initiatives, with board approval, to ensure its ability to meet potential disruptions.
Since the corporate crisis management team was put in place, Schlumberger has had to activate it only once: during the Ebola outbreak because of its global implications. Every other incident has been handled at the local or regional level. That is no accident.
The COBRA model
When a board takes risk preparedness seriously, it lessens the likelihood that it will be summoned to manage a crisis. No preventative system, however, is perfect. Hence our second recommendation: adopt a variation of the crisis response system used in the United Kingdom at the board level.
The UK, and other Commonwealth countries, use a Strategic, Tactical, Operational (STO) management structure to manage incidents. Each incident response is allocated one Strategic Commander on the team, one Tactical Commander, and as many Operational Commanders (geographic or thematic) as necessary to fulfill responsibilities. Thus, the strategic members function as the senior management of the response. On the political side are senior elected officials and policy makers, often referred to as the COBRA group because they meet in the Cabinet Officer Briefing Room A, located in Whitehall near to 10 Downing Street, the rough equivalent of the Situation Room at the White House. A designated senior, non-elected civil servant on each side in a formal liaison role serves to foster an orderly flow of information between the two. This structure enables political leaders to have input into the handling of the operation while ensuring that they do not try to run it. Conversely, the strategic team members receive valuable information about the political ramifications of their decisions while remaining able to maintain an essential “battle rhythm” to keep pace with unfolding events.
Now, translate this model to the corporate setting. Think of the corporate crisis management team as the equivalent of the UK-model strategic team and the board as the COBRA group. Imagine a designated board liaison on the former and a counterpart member of the board on the latter (each with alternates). Assuming such roles in advance allows the crisis management team and the board to build familiarity, confidence, and trust. This is particularly important for the crisis manager who may have to convey hard truths to powerful board members in a vexing situation. Similarly, a board member who knows the crisis team members and how they work can provide valuable input while tempering the impulses of board members to intervene in operations.
In general, boards should not become directly involved in most crises. Responding to these is best left to senior managers who understand the details of the business. However, board members represent the shareholders and must be prepared to engage if needed. In our turbulent world, any board that is not paying attention to crisis management is courting disaster.
