ISO 22361 Security and resilience - Crisis management - Guidelines
This project will result in an International Standard that provides guidelines on good practice for crisis management to help the strategic decision makers of an organization to plan, implement, establish, operate, monitor, review, maintain and continually improve a crisis management capability. It is intended for any organization regardless of location, size, type, industry, structure, or sector.
This document will provide guidance for:
- understanding the context and challenges of crisis management;
- developing an organization’s crisis management capability through preparedness (see 5.5);
- recognizing the complexities facing a crisis team in action;
- communicating successfully during a crisis; and
- reviewing and learning.
It is intended for management with strategic responsibilities for the delivery of a crisis management capability. It is for those who operate under the direction and within policy of top management in:
- implementing the crisis plans and structures; and
- maintaining and assuring the procedures associated with the capability.
Kevin Brear (UK), the project leader responsible for writing ISO 22392, explains:
"Crises present organizations with complex and difficult challenges that may have profound and farreaching consequences. These consequences can be very damaging, especially where it is perceived that the organization failed to prepare for, manage or recover from a crisis. There is a risk of significant damage to reputation, and possibly of the collapse of the business and its operations. In short, crises are of potentially existential significance to an organization.
This standard will provide the principles and good practice for the provision of a crisis management response, delivered by strategic decision makers of any organization of any size in the public or private sector. The intention is to aid the design and ongoing development of an organization’s crisis management capability."