Are you ready to answer the call, when something goes wrong?
In the current issue of Directorship magazine, it was pointed out that management (and directors) may only have 5 minutes after an event before bloggers, tweeters, and the press start asking questions.
While it is necessary to appear in control and responsive, that doesn’t sound like much time to figure out what happened, let alone what the organization should do or what to tell the public.
I recommend reading an opinion piece in today’s Financial Times, then discussing the challenge with the executive leadership team and the board.
- Is it clear who can talk to the media, the government or regulators, bloggers and tweeters, etc?
- Are they adequately trained?
- Do you have procedures so that these people are notified of events quickly enough?
- Are you confident that you will have a message fast enough to preserve the organization’s reputation?
- Are your processes for notifying the top management and board well-defined and known? Will they be able not only to provide direction but also answer any questions directed to them?
Auditors: have you addressed this area? It could represent a major risk to the reputation of the business, potentially affecting customer demand, intrusion by regulators, etc.
Recent Posts on this Blog
- New guidance on operational risk December 3, 2016
- Why do so many practitioners misunderstand risk? November 26, 2016
- A new front opens in the SOX battle November 20, 2016
- Internal audit reports do the function a great disservice November 12, 2016
- My new book on Auditing that Matters is available November 9, 2016
- Time for a leap change in risk management guidance November 5, 2016
- Cyber security and the board October 29, 2016
- The biggest obstacle to effective risk management October 28, 2016
- A revolution in risk management October 22, 2016
- Why do people commit fraud? October 14, 2016
- What could go wrong with strategy and its execution? October 6, 2016
- Is a new maturity model for GRC the right model? September 25, 2016
- The Wells Fargo “Staff Scam”: More questions and fewer answers September 16, 2016
- The astonishing Wells Fargo fraud September 10, 2016
- Leading an effective information security capability September 4, 2016
- Do we know how to audit technology-related risks December 3, 2016
- The State of Information or Cybersecurity November 28, 2016
- Back to the Future for Internal Audit November 21, 2016
- How Do You Change the Culture of the Organization? November 15, 2016
- Why Does ERM Fail So Often? November 7, 2016
- Incentives and Ethics: Transparency International Speaks Out October 31, 2016
- A COSO Gem Helps Assess Risks and Related Control Deficiencies October 25, 2016
- Focusing on the Wrong Line of Defense October 17, 2016
- Internal Audit and the Internet of Things October 10, 2016
- Fraud, Abuse, and Corruption September 26, 2016