Menu
Strategy
4 WAYS TO ASSESS YOUR INCIDENT RESPONSE PLAN
Starting-up a start-up from the eyes of starter-uppers.
Todd O'Keefe
Chief Content Officer
Table of Contents
DOCUMENT SUCCESSES AND FAILURES
Post-incident is almost as important as the incident itself.
It is prime time for capturing details for your After Action Report (AAR) including the plan, how it was managed and the final outcome.
AARs document the successes and failures of your incident response plan, builds layers of accountability into your reputation management processes and prototypes best and promising practices for avoiding future pitfalls.
4 QUESTIONS TO ASK IN AN AFTER ACTION REPORT
After the incident, get the key individuals involved in the plan to walk through these four steps.
1. WHAT HAPPENED?
First, describe the events and type of incident that occurred.
Keep a list of the involved team and key stakeholders in the event, and present overview findings to the team.
Be sure to include internal and external factors.
2. WHAT WORKED WELL?
Take note of how the plan unfolded and highlight the success and failures of the response plan.
Where did the team have to pivot or slightly change course?
Are there any external factors that your team was unable to accurately forecast?
What was the result of those unresolved factors?
3. WHAT NEEDS TO BE CHANGED?
Record any modifications that need to be layered into the incident response plan going forward.
Review, revise and refine any and all key messaging that didn’t resonate with your public.
In a nutshell: what didn’t work and how can you alter it to make sure the plan works in the future?
4. WHAT HAVE YOU LEARNED?
Gather together as a team and decide on the top three to five learnings that came from the incident.
Did key messaging express empathy?
Did you discover weak spots in your digital infrastructure that made your brand a target for hackers?
Did your brand ambassadors step up and advocate for your brand?
RECOGNIZE YOUR HARD WORK
Survey all key stakeholders in person or by email to assess how your incident response plan worked and what they thought of your response to the incident.
Consider involving your board of directors, your customers, your staff and even your vendors in this process.
Your plan helps you anticipate incidents, such as identifying and repairing technology vulnerabilities and preventing future negative events.
Consider sending progress reports to your customers.
Post these updates to your website, letting your prospective customers know how you fixed the situation.
During this incident, everyone will learn some hard lessons, but your team worked really hard to protect the reputation of the company.
While you don’t necessarily want to relive a painful event, you can acknowledge the hard work and ingenuity of your team by recognizing milestones that occur in the future.
Celebrate the effort, not the event.
MANAGE YOUR REPUTATIONAL RISK
Interested in more ways to manage your reputational risk?
Grab your handy playbook for getting ahead of unforeseen reputational risk factors and avoiding public fallout from a negative incident.
Manage your brand optics, and stay in control by thinking ahead and having a plan.
GET THE GOODS
Our starter-upper blog is a place you’ll find creative trade secrets, shop talk and the trials and errors of a creative incubator.
Our goal is to make things people will enjoy and want to share—from storytelling and copyhacking best practices to articles, videos and white papers.
Join the Starter-Upper newsletter today and get more articles like these ones.
CONTROL
YOUR BRAND
NARRATIVE
Get ahead of a negative incident with your free copy of 14 Ways to Manage Reputational Risk and learn how to activate and assess your plan after an incident happens.
GET THE STARTER-UPPER INSIGHTS