Skip to content

Crisis Communication in Business Continuity: Keeping Stakeholders Informed

Business Continuity and IT Disaster Recovery Blog

Crisis Communication in Business Continuity: Keeping Stakeholders Informed

When your business suffers in a crisis, it is easy to become focused on simply returning your business to functionality. However, while getting your business up and running again is important, you must keep your key stakeholders informed. While it can tempt you to try and disguise the issue and fix it as soon as possible, this is not often possible. During any form of business continuity planning, it is essential to formulate a policy for crisis communication.

If there is one thing that your business partners will not tolerate, it is deception. They will understand that problems can happen, especially when facing a natural disaster. You can only prepare for these issues in so many ways. If you try and pretend that everything is OK, though, you can annoy and frustrate key stakeholders.

Who are these stakeholders? Every business is different. For many companies, key stakeholders involve shareholders and customers. For others, it might be key supply chain partners or businesses you work with. Whoever the stakeholders are, ensuring they understand the situation – and that a plan is in place to resolve the issue – is critical to retaining trust.

Things can go wrong in business, but you must ensure that the people who should know do know. How do you build a coherent and effective stakeholder communication policy in times of crisis?

Where Do I Implement My Crisis Communication Policy?

The best way to build crisis communication planning is through your Business Continuity process. This should be part of your plan to get things back up and running. Amid that business continuity plan, a section should focus on who with – and how – you communicate these circumstances.

Your business should look to put in place a dedicated “speaker” of sorts: the person who will “front up” and deal with your key stakeholders. That might be your partners, suppliers, clients, or even the media. However, please do not throw this person under the proverbial bus: make sure they can lean on the support of subject matter experts within the business.

For example, if your crisis concerns cybersecurity, your Chief Security Officer or your Head of IT should be involved in communications alongside your appointed spokesperson. Ensuring your company knows who will be involved in each discussion makes it easier for your staff to be prepared to speak when something goes wrong.

Your communications process should be embedded with any business continuation planning your business undergoes.

How Do You Communicate The Problem To Stakeholders?

The next phase of your communications plan should come from what mediums you use to contact individuals. The first and foremost solution is to contact your most important people: your partners, suppliers, and clients. These people drive your business; if there is a problem, they should be the first to know.

Letting stakeholders know that there is a plan in place and that an investigation is underway is the easiest way to assuage fears. Transparency is critical here: you do not want to hide behind vague language. This can make it sound like you have been caught cold and are still working out the next steps to progress.

It would be best if you also looked to update all forms of external communication. Your website, social media, and even features like voicemails should all be updated to include disclosure of the issue and that a solution is being put in place. This builds trust and lets people know why you are out of service.

Set Out A Plan Of Action

Your communication should go some way to assuaging fears that your business has been irrevocably damaged. It should be clear to those being addressed that there is a problem but also a solution. If possible, set out what this plan will be. The more information that you can provide, the better. This builds confidence that your business has already considered the likelihood of such an issue.

This can reduce the risk that clients or partners feel unprepared for your business. One of the main benefits of having such strong communication during a crisis is that it can allow you to make clear that you are already taking action. So, make sure that your communications make the issue clear and that a solution is in place.

Make Clear What Still Operates

If parts of your business are still active during the post-crisis period, make that clear. This can mean that some of your key functions can continue. Clients and partners are then clear that your business can still achieve some of its goals and complete some of its objectives. That might seem like a small thing, but ensuring that your business can at least continue to turn some profit can be very important.

Not every crisis will destroy every part of your business. You might still be able to offer some services. If that is the case, let those who should know.

Provide Regular Updates

The next stage should be to give updates as and when your business can return to functionality. You should spend as much time as possible providing updates on what functions are back up and running. The more detail you can provide, the easier it will be for key stakeholders to remain confident in your business. These updates also help to give people certainty that your business will come through the crisis and return to full operational functionality.

Do Not Make Promises You Cannot Keep

Lastly, ensure that your communication plan avoids overly confident assertions of recovery. Many companies make the mistake of setting hard deadlines that, with only minor issues, cannot be met. This loses trust quickly with the people you need to retain confidence in your business after the incident.

You should ensure that your company is clear that the problem has been found and that a resolution is in place. Avoid giving direct statements about when the problem will be resolved. This can create needless pressure for your staff, making resolving matters more complex than it should be.

Make sure that your business is prepared for the eventuality of crisis communication with our training programs. We offer effective, robust ways to come out the other side of such a damaging process.

BRCCI – Business Resilience Certification Consortium International (

We are thankful to the author for allowing us to post this insightful article on our website. BRCCI provides a comprehensive training and certification program in business resiliency, continuity and IT disaster recovery planning:

1. 3-day CBRM (Certified Business Resilience Manager) is a comprehensive, all-in-one, 3-day Business Continuity Planning and Management Training and Certification course which is designed to teach practical methods to develop, test, and maintain a business continuity plan and establish a business continuity program.

2. 3-day CBRITP (Certified Business Resilience IT Professional) is a comprehensive training on how to assess, develop, test, and maintain an information technology (IT) Disaster Recovery Plan for recovering IT and telecommunications systems and infrastructure in the event of a disaster or business disruption. The training provides a step-by-step methodology to ensure a reliable and effective IT disaster recovery and continuity plan consistent with the industry’s standards and best practices.

3. 2-day CBRA (Certified Business Resilience Auditor) It provides 2 days of intensive, Business Continuity Audit training to enable students to determine the effectiveness, adequacy, quality and reliability of an organization’s Business Continuity Program. Students will learn an audit methodology to evaluate compliance of Business Continuity and IT Disaster Recovery Programs with the current industry’s best practices and standards including:

  • ISO 22301: Business Continuity Management Systems – Requirements
  • NFPA: Standard on Disaster/Emergency Management and Business Continuity Programs
  • ITIL: Information Technology Infrastructure Library

For information on the above program, please contact BRCCI (, 1-888-962-7224).

On Key

Related Posts

ICR Standard

ICR Standard Author: Dr. Akhtar Syed Download PDF Section 1.0 – Introduction The Integrated Continuous Resiliency (ICR) standard, developed by BRCCI (, is a comprehensive

What is ISO 22301 standard?

What is ISO 22301 standard? Author: Andrea Patricia Sanchez Dominguez Download PDF 1. Introduction The Standard ISO 22301 was proposed in 2012 as a new