Crisis management is the identification of threats to the organisation and its stakeholders, as well as methods utilised by the organisation to deal with these threats. Because of the unpredictability of global events, organisations must be ready to keep up with the potential for drastic changes in the way they run their business. Crisis management frequently requires decisions to be made within a short time frame, and frequently after the event has already taken place. Crises like a fire, the death of a Chief executive officer, terrorist attack, data breach, or disasters might lead to tangible and intangible costs to a business with regards to lost sales, clients, and decrease in the firm’s profits.

Companies that efficiently put a business continuity plan in place in case of unforeseen contingencies can mitigate the consequences of any negative and unpredictable event that occurs. The process of having a continuity plan in place in the case of a crisis is known as crisis management. To have a business continuity plan in the aftermath of a crisis, most companies begin by conducting a risk analysis of their businesses. Risk analysis is the process of identifying any adverse events that might occur and the probability of the events occurring. By running simulations and arbitrary variables with risk models, like scenario tables, a risk manager can evaluate the likelihood of a risk occurring in the future, the best- and worst case outcome of any negative event, and the harm that the company would incur should the risk materialise. For example, a risk manager might estimate that the likelihood of a flood occurring within a company’s area of operation is very high. The worst-case scenario of a flood will be destroying the company’s computer systems and hard disk drive, thus, losing relevant data on clients, suppliers, and on-going projects. This planning is very important for small businesses since they often lack the resources to cope easily in a crisis. Failure to plan could be disastrous.