5 steps for getting crisis-ready right now
This article originally appeared in our July 3rd edition of the Diligent Minute Newsletter. For more insights like these, delivered straight to your inbox, subscribe here.
Board members have a lot on their minds right now. They currently rank the level of risk U.S. businesses face just below 7 on a scale from 1 (lowest) to 10 (highest), according to the latest Director Confidence Index by Diligent Institute and Corporate Board Member. Top issues include supply chain and inflation/currency risk, geopolitical fluctuations and changes in the regulatory environment along with widespread concern about the economic risk of tariffs.
These issues add to an already-long list of evergreen threats to a company’s business and bottom line — like a product failure, cyber attack, executive scandal or high-profile lawsuit — along with the aftermath. Too often, a negative headline triggers customer flight, investor panic or both, causing a ripple effect of legal, business and reputational challenges.
With the threat of crisis escalating and evolving by the day, Megan Baier’s session at the Next Gen Board Leaders Summit was perfectly timed. A partner with Wilson Sonsini Goodrich & Rosati, she shared tips and best practices for crisis management.
The steps shared reflect common sense: Identify the issue, mitigate it and manage the communications. But they’re deceptively difficult to execute well under pressure — which is why boards need to be crisis-ready long before a negative incident breaks out.
Here are five top takeaways shared at the Summit on making that happen.
Takeaway 1: Assemble your team
Key players include legal, audit, PR/IR, and bankers. But don’t get too carried away. Smaller groups typically make faster decisions.
It’s also important to equip team members with clear roles, responsibilities and lines of reporting.
Takeaway 2: Have a plan
A pre-built playbook should cover likely scenarios and the latest best practices, along with guidelines for reporting, disclosures and getting the word out via social media and other channels.
Takeaway 3: Practice that plan
According to the latest Corporate Director Index, nearly half (47%) of boards are engaging in scenario planning to navigate the current crisis environment. In my opinion, this number should be much higher.
Tabletop exercises are an excellent way for crisis team members to master their roles, share feedback and build their muscle memory for an effective response — all in a low-stress environment where mistakes are still learning experiences.
Takeaway 4: Find the line between transparency and protection
When something negative happens, investors, customers, employees and other stakeholders want to know. Competitors, activists, and regulators seek this information as well — but for very different reasons.
For boards, this means conflicting pressures to announce bad news quickly versus waiting to gather more facts.
Also note that different crises trigger different legal obligations, such as:
- State notification laws and SEC disclosure requirements for cybersecurity incidents
- CPSC or FDA reporting for product safety issues
- Restatement requirements for financial irregularities
Whistleblower complaints, insider trading investigations and issues related to stock prices in particular require careful coordination between communication and legal teams.
Each scenario requires tailored legal strategies alongside communications planning, she emphasized.
Takeaway 5: Keep ERM front and center
Finally, an important reminder to directors:enterprise risk management is a board fiduciary duty, requiring enterprise-wide attention.
- Are boards receiving regular reports from management about the risks departments are seeing and actions they’re taking to mitigate these issues?
- Do board members know enough about the issues to ask the right questions — and are discussions being captured in board minutes for future reference and guidance?
- Are committees receiving regular reports as well in their specialized areas like cybersecurity and audit?
- Do committee charters clearly define who’s responsible for overseeing what, to avoid overlap and gaps?
The overarching takeaway is this: Knowing what to expect — and how to respond — when the unexpected happens can keep a board in good standing with investors, customers, regulators and more, even in a year when crisis feels more like business as usual.
Curious about how U.S. boards are navigating today’s business landscape? Delve deeper into the latest Director Confidence Index results.
Want regular access to original research in the field of GRC? Bookmark our Diligent Institute hub page for the latest surveys, podcasts and reports.
What makes a truly exceptional board director?
Inside the WSJ’s top 250 directors report
Boards face cybersecurity regulation hurdles
Boards grappling with a wave of new rules regulating cybersecurity should remember that it applies to “material” processes, not all systems.
What Directors Think 2025
Read the 2025 edition of What Directors Think, conducted in partnership with Corporate Board Member and FTI Consulting, to find out what's on public company directors' minds for the year ahead.
