This paper examines how businesses can prepare for and respond to crises, with particular emphasis on technological failures and information systems disruptions. Drawing on established crisis management literature, the paper distinguishes crisis management from risk management, outlines a three-phase crisis management model, and explores the roles of contingency and continuity planning. It argues that thorough preparation — including clear lines of authority, designated spokespersons, and data continuity plans — significantly reduces damage when a crisis occurs. The paper concludes that effective crisis response is a shared organizational responsibility, not solely a leadership function, and that how a crisis is handled often matters more than the crisis itself.
The paper uses definitional contrast as an organizing technique — it anchors each new concept by explaining what it is not before explaining what it is. This is especially effective in the opening paragraphs, where crisis management is defined in opposition to risk management, helping the reader build a mental framework before encountering specific strategies.
The paper opens with a problem statement and key definitions, then surveys types of crises with emphasis on technology. The middle sections apply a three-phase model and explore two planning tools: contingency and continuity planning. The paper closes with a normative argument about shared organizational responsibility. Each paragraph advances a single focused point, keeping the argument easy to follow across six logical sections.
When a business faces a crisis, its leaders often struggle to know what to do. Generally, this occurs because of a lack of planning. If leaders are not familiar with rules and procedures, lines of authority, and channels of communication during normal times, those deficiencies will be magnified when a crisis takes place. Fortunately, there are established strategies for crisis management, including strategies that address technological crises and IT management problems (Barton, 2007).
Crisis management is not the same as risk management. Risk management involves assessing threats and finding the best way to address them before they materialize. Crisis management, however, involves dealing with threats after they have already taken place or while they are actively occurring (Barton, 2007). What is required for crisis management is therefore very different from what is required for risk management, where plans for potential problems are developed but there is nothing immediately threatening at that particular time.
Crises can include technological problems, natural disasters, organizational misdeeds, man-made or terrorist disasters, workplace violence, rumors, malevolence, and confrontation (Dezenhall & Weber, 2007). Some are much easier to address than others, and some can be relatively minor, while others are far larger and even catastrophic. When it comes to information systems, technological crises are among the most worrisome and most common. These issues generally occur because technology is becoming increasingly complex, and when one thing goes wrong, many things can fail in a chain reaction. Human error can trigger this reaction, but there are also times when technology fails without warning and without any identifiable cause (Ulmer, Sellnow, & Seeger, 2006). Both software and hardware can fail, and the overall damage will depend on what systems that hardware and software supported — technological failures can be far more than a nuisance for people who suddenly cannot access their email.
Companies that want to protect themselves as much as possible should consider following the crisis management model. There are three specific phases to this model: diagnosing the impending crisis or identifying danger signals, choosing an appropriate turnaround strategy, and implementing and monitoring the process of change (Dezenhall & Weber, 2007). Crisis management planning examines the best ways a company can respond to a crisis. While no company wants to experience a crisis, how that crisis is handled can seriously affect public scrutiny and the overall damage done (Barton, 2007). Even a large crisis can result in relatively little damage if it is addressed quickly and appropriately. Conversely, a "smoldering crisis" — one that grows slowly and becomes a serious problem because nothing is done about it — can cause tremendous damage in a short period of time, even when the original problem could have been easily addressed.
Contingency planning is one of the first steps a company can take to be better prepared for crisis management (Ulmer, Sellnow, & Seeger, 2006). By using this type of planning, any company can simulate what would take place during a crisis and determine what actions would be taken if one were to actually occur. The old adage "practice makes perfect" may seem like a cliché, but there is real truth to it. Even though no company wants or expects to experience a crisis in its operations or technology, the companies that are truly prepared for nearly every eventuality will be the ones that sustain the least damage relative to the severity of the crisis that occurs (Dezenhall & Weber, 2007).
You’re 53% through this paper. Sign up to read the remaining 3 sections.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.