1. Blog
  2. Communication

Incident Response Planning: How to Prepare for the Unexpected

Brian C. McIlravey

December 30, 2020 · 5 min read

When we first heard of COVID-19, I don’t think anyone expected how pervasive it would be, how much it would change our lives, how much it would transform the way we work, and how rapid that change would be. But here we are, almost a year later and still trying to adjust to this new normal, which now may be less new, and just normal.

This pandemic has tested many businesses’ incident response plans this year, and has shone a light on what works well and what needs to be improved.

But what has become apparently clear, is that an effective incident response plan must include a solid incident communications strategy, makes all the difference when a crisis hits.

The challenge is making sure you cover all the bases of what an “incident” can be. Catastrophic events like floods, fires, earthquakes and most recently, a pandemic, are some obvious examples of incidents that would kick start an incident response plan into action.

But any incident that causes downtime and affects customers would fall into this category, too. Even seemingly minor power outages, software glitches,? network disruptions or corporate network hijacking can have a major impact on business.

Handled poorly and without planning, they can cost a tremendous amount of money and loyalty. Handled well, they can actually improve the way customers feel about your brand, boosting both trust and retention.

To make sure that an incident has the least amount of impact on your business, especially during a time when most employees are working remotely, it is of the utmost importance to keep everyone connected across a digital workplace through timely incident communications and reliable tools.

Get started with an incident response plan template

So, how do you plan for uncertain risk? You map out all the key things you’ll need to do, and using an incident response plan template is a great place to start. A comprehensive template will help you cover all the bases, so you know exactly the steps to follow when an issue, big or small inevitably occurs.

To get you started, have a look at this incident response template below. It’s based on the one that Igloo uses, but I think you’ll find it helpful as you build out a plan that’s tailored to your own unique requirements.

Download the Incident Response Plan Template?

Although your template needs to cover a range of issues, it’s important to stay focused so it doesn’t become unwieldy. Keep it easy to understand and easy to follow for everyone, so there’s no confusion during a time when actions need to be quick and decisive. You’ll want to track who’s read it and test to make sure they understand their role in the plan.

In respect to ‘role in the plan’ make sure you involve the right people in the planning, such as Executives, your Business Continuity group and your Corporate Security group who have significant roles in ensuring incidents are handled properly.

What your incident response plan template should cover

In addition to downloading the template and modifying it to suit your requirements, one helpful way to ensure you’re not missing important information is to approach it like a journalist. Think “Who, What, Where, When, Why,? How, and How Much.”


Who can trigger an incident report? Who must be notified, both internally and externally? (For example: depending on the severity, do you need to alert all customers? All employees? The media?) Who’s responsible for what action in the resolution process? Who’s leading the charge?


What defines an incident? What defines a particular incident’s severity and where would it fall on a scale to rate each issue? What if there is a disagreement over the severity? What’s the workflow you’ll use for resolution? What are the steps that must be followed?


Where do you find the tools and assets you may need in the resolution process? Is it up to date and easily accessible? Or is it in a binder no one can find.


When do you bring the plan into effect, in terms of how quickly you must react for each type of incident and severity level? When is this kind of issue likely to occur again?


Why did this happen, and what can be done to prevent it from happening again? Proper post incident tracking and investigation management is essential in this process.


How do you resolve each kind of incident? How do you determine when the incident is ‘over’ How do you communicate (internally and externally) at each step of the way?

How Much

Also known as ‘impact’ and one of the most important parts of the severity rating, It’s important to understand both financial and human impact for any incident or risk.

Guiding principles for incident communications

Of course, there’s always a risk of something unanticipated occurring during an incident, so it’s important to build that into the plan as well.

One way to address the risk of the unknown is to map out your corporate values. This will help steer your employees in the right direction, and stay on track if they have to address something that you didn’t (or couldn’t) see coming.

At Igloo, we apply the following guiding principles when it comes to incident communication:

React quickly.

Customers and/or employees shouldn’t be left waiting and wondering when there’s something going on.

Communicate frequently.

We define exactly how often we need to be in touch according to an incident’s priority level — and we stick to it.

Be clear.

Customers and/or employees shouldn’t have to guess at what’s happening. Avoid jargon and get straight to the point.

Be consistent.

If we’re going out across a number of channels, we’re careful to tell the same story regardless of the format, so there’s no room for confusion.

Be honest and transparent.

Nothing good comes from leaving information out. The impact of deception is greater than the benefit of taking responsibility.

Incidents that impact your ability to effectively serve your customers or impact your employees could make or break your business. That’s why there’s no better time than right now to get your incident response plan locked down. And while you’re at it, take a look at how your business tools will hold up during an incident. Are they strong enough to support business continuity? If your entire operating model changed in one week, like it did with COVID 19 with the shift to an entirely remote workforce, do you have the right tools to communicate and ensure everyone is getting the right message, at the right time.

Get the right tools in place, ahead of time

Plans are only as good as the tools that support them. Put your tools to the test as you run through your incident response plan. If there are some hiccups due to technology, now’s the time to address them.

Igloo provides digital tools you can rely on for crisis communications and business continuity. Our user-friendly intranet platform is the foundation for many of our’ customers business continuity plans. For our customers in the healthcare industry, keeping their staff updated with the latest COVID-19 information has been critical in the battle against the virus.

Partners HealthCare, for example, is a network of 78,000 healthcare professionals, and they rely on the Igloo platform as their go-to tool for managing communications. For them, Igloo has been indispensable during this pandemic, and their “ability to communicate and come together as a team would have been significantly impacted” without the help of our platform.

Many other customers have identified their Igloo as a mission critical tool to ensuring Corporate Communications during crisis are timely, accurate and easy to find.

Read the blog article

Timely communications are everything during a crisis, but there are other ways that a stellar intranet can help you manage an incident effectively as well. Take a look at this article for 6 Ways to Use Your Intranet for Business Continuity During a Crisis.