Skip to content
Mask group (7)
Mask group (6)
BC Metrics

4 Metrics to Help Your Organization Improve at Crisis Management

Written by: Michael Herrera

Get notified when we post

Prepare For the Worst with the Best in the Business

Experience capable, consistent, and easy-to-use business continuity management software.

Some things are naturally tough to measure, but if you can figure out a way to do it that is meaningful and consistent, it can give you a real a leg up in improving your performance in that area.

This is definitely the case with crisis management.

The things that matter most in effective crisis response can be tough to quantify, but there are ways of putting number values on those areas that can yield meaningful insights into your readiness.

Such metrics can help your organization identify the strengths, weaknesses, and opportunities of its crisis management posture. They can also help you in creating an optimally performing crisis management team, which is the key to helping you minimize the negative impacts of an emergency.

In today’s post, I am going to share with you the four metrics that I think every organization should gather and track if they want to be capable of responding effectively in a crisis. At the end, I’ll explain how you can leverage this data to improve your organization’s crisis management program.

4 Metrics to Help You Get Better at Crisis Management

Here are the four areas of crisis management which I think every organization should quantify and track if they want to get better at handling emergencies:

Threat Readiness

This metric is about measuring how prepared the organization is for handling the different threats. The threat landscape is continually changing.

The severity of events is increasing. You already know about performing a threat and risk assessment. To gauge your threat readiness, rate your capability on a scale of 0 to 100, looking at how prepared you are to handle each of the following kinds of threats:

  • Black swan events. Emergencies that are unpredictable and unexpected. They come from outside ordinary experience and are potentially very damaging.
  • Events that are known and prepared for. These are things everyone is aware could happen and which the organization has taken measures to deal with. Examples might include storms, earthquakes (if you’re in a seismic area), cyberattack, terrorist attack, and pandemics.
  • Events that are known but unprepared for. These are the negative events the organization is aware could happen, but which no one has taken steps to deal with. This is usually because the possibility scares the daylights out of everyone. An example might be the possibility that the organization could simultaneously lose its primary and backup data centers.

In assessing the organization’s readiness to deal with each type of threat, give a score of 0-60 if the organization has done little to nothing to prepare. A score of 60-80 means you have some solid provisions in place and are making good progress. A score between 80-100 would mean the organization is in pretty good shape in terms of being prepared to deal with that threat.

Team Capability

Quantify who on the team is good at what. Divide this metric up into the different crisis team skill areas, such as leading, facilitating, and executing, depending on what makes sense for your organization. Evaluate how the different crisis team members stack up in each area. An informal, 1-to-5 scale is good for this, with 5 meaning excellent, 3 average, and so on. Alternately, you could use a color-coding system, using green to indicate that the person is highly skilled in that area, yellow if they are competent, and red if their aptitudes lie somewhere else.

This can be a sensitive issue. No one wants to be harshly judged for doing something they have taken on in addition to their regular duties.

Many people like to be thought of as being good in a crisis. This isn’t an overall judgment on anyone; it’s a recognition that being in a crisis requires certain unique skills (such as having the optimal degree of reactiveness). The idea of the metric is to identify how people perform on the unique skills that go toward successful crisis management.

The skill of the team members and their ability to work together is the main factor in determining how well the organization will respond to the crisis.

Infrastructure Readiness

All the infrastructure elements you depend on in dealing with a crisis should be assigned a score of 0 to 100. What is the operational capability of your command center(s), supplies, and technology? Between 1 and 60 means you have something in place, however basic; 61 to 80 means the core components are there; 81 to 100 means everything is working normally and you’re pretty much there. Be skeptical. If you set up that conference bridge line for your crisis team a year ago, are you sure it still works?

Don’t give yourself a 100 on that one unless you’re sure.

Past Performance

Score how well the team has done in its response to previous incidents, whether exercises or real events. Choose five areas that are special priorities for your team and quantify them using one of the methods described above. What kind of things should you evaluate? Look at areas such as your ability to notify and assemble the team, the quality of your command and control, whether people understand their roles and responsibilities, and whether the team can come to a decision quickly.

How to Use These Metrics to Improve Your Crisis Management Response

So, you have your numbers. What do you with them? Use them as a guide for focusing your future efforts. “We’re doing well here. Great. Let’s keep up the good work.” Or: “Whoa, we’re really weak here. Maybe we should put a little effort into bringing this area up.” These targeted, rational adjustments will pay off if and when you have an event to deal with.

You can also take the data to your steering committee as a basis for discussions about what new resources you need (or maybe don’t need).

Dividing your crisis response into different areas and assigning scores to them can provide valuable insight into your organization’s readiness to handle whatever craziness might come its way.

This approach gives you a rational basis for guiding your efforts moving forward, which is the best way to get the most value out of limited resources.


Mask group (5)

Business Continuity Software for Companies that Mean Business

We understand your need to protect your organization in the face of rising threats while juggling with limited resources, inadequate manual tools, or even overly complicated BC software.

Other resources you might enjoy

Reduce Business Continuity Failures by Avoiding These Two Common Mistakes

Most of the time when organizations suffer significant...

Ensuring Compliance Using Compliance Confidence

Coming into compliance with business continuity regulations...

Ready to start focusing on higher-level challenges?