The Incident Management Response Pyramid: Simplifying Crisis Management

The term 'incident management' can vary widely across different regions and industries, leading to confusion among participants, especially those new to the field. At Risklogic, we've addressed these challenges by developing a clear and straightforward response approach that ensures consistent terminology and targeted action.

Understanding the Incident Management Response Pyramid

Our incident response model, known as the Response Triangle, breaks down crisis management into three key steps: Tactical, Operational, and Strategic. Each step includes specific criteria, impacts, and actions, ensuring that every incident is handled efficiently and effectively.

Tactical Response

This initial response phase is about immediate action to protect people and property. In this stage, the primary objective is to manage the situation quickly and minimize damage.

Criteria and Description

Impact limited to a small area of one building/site. An emergency can be managed by the warden team ECO. Notification of emergency services for response. Expected response time less than 1 hour.

Impacts

People Assets

Examples of Causes

Assault Minor Fire Bomb Threat Medical Emergency Gas Leak IT Outage (Short Term)

Activation and Plans

Contact First Response Team (FRT) Engage Emergency Control Organisation (ECO) Include Security and HR teams Use Emergency Response Plan (ERP) and Disaster Recovery Plan (DRP)

Operational Response

The broader operational response involves managing disruptions with coordination across multiple sites, managing large volumes of people, and recovering critical business functions. This phase is about maintaining service continuity despite the disruption.

Criteria and Description

Emergency affects more than one building/site. Coordination required for site recovery. Warden team needs support to manage people. требуется co?rdination with large numbers of people. Recovery of critical business functions. Regional or national media exposure. Expected response time a few hours.

Impacts

People Assets Business Operations

Examples of Causes

Active Shooter Communication Outage Cyber Attack Death of Staff Member Disease Extreme Weather Major Fire IT Failure Natural Disaster Local Negative Media Exposure Terrorist Attack

Activation and Plans

Contact Management Response and Recovery Team (MRT) Engage Incident Management Team (IMT) Business Continuity Team (BCT) Use Response Recovery Plan (RRP) Include Cyber Response Plan (CMP) and Incident Management Plan (IMP)

Strategic Response

The strategic response is designed for significant events that impact the organization and its stakeholders on a large scale. This phase involves managing key stakeholders and media, as well as strategic decision-making.

Criteria and Description

Large-scale impact on multiple sites. Management required at off-site locations. Stakeholder and media management. International media exposure. Impact on operations, reputation, and finances. Strategic management decision required.

Impacts

People Assets Financial Reputation Operational Strategic

Examples of Causes

Conflict of Interest Data Breach Fraud Widespread Negative Media Exposure Key Staff Resignation

Activation and Plans

Contact Senior Leadership Team (SLT) Engage Crisis Management Team (CMT) Use Strategic Management Plan (SMP) and Crisis Management Plan (CRM)

Conclusion and Implementation

Adopting the Response Triangle helps in identifying and mapping impacts and processes effectively. Many business continuity professionals tend to have a tiered system for event escalation, but our model simplifies this process, making it easier to implement and manage during crises.

Your Response Process

Do you have a similar process in place? How do your teams fit into the Risklogic response triangle? If you are unsure, think about the key steps and roles involved in managing different levels of incidents. This will help you prepare for any future situations.

Next Steps

Until next time, remember to plan, do, check, and act effectively. Stay prepared and vigilant to ensure you can handle any incident that may arise.