 Hello and welcome to this session in which we will discuss business resiliency plans and specifically we're going to be discussing the crisis management step in the prior session. We looked at organization continuity planning system availability controls, which are part of a business resiliency plan in this session will focus on crisis management. What is crisis management? Well, it's the process of preparing for and responding to as well as recovering from significant event that threaten the business operation, reputation or survival. What does that mean? It means do you have a plan in place in case a crisis happens? How are you going to manage this crisis? And specifically, how are you going to lessen its impact? How are you going to lessen its impact, its effect? It's an essential piece of business resilience because when the crisis occur, there's nothing you can change. What you can change is how you respond to this crisis and how do you respond to this crisis is by preparing through something called crisis management, which is the ability for a company to adapt and recover from disruption and maintain its operation. A good example will be Walmart. When Hurricane Katrina occur in 2005, which is a natural disaster, Walmart set up crisis management center to coordinate emergency response effort and donated $20 million of relief effort and reopened stores as quickly as possible to provide essential supplies for the communities. So this is part of the crisis management for Walmart. When something happened, they have people involved, they set up a headquarter, maybe they have some money allocated for this and they have steps, they undertake steps to open their stores as soon as possible. Another example will be Aquafax, the credit reporting agency. In 2017, they experienced a cyber security incident, simply put over 143 million accounts, consumers account information once was stolen from their database. It was a massive data breach, one of the largest one in the US. So what did Aquafax did? Same thing, they implemented a crisis management plan. What did they do as part of it, providing free identity theft for those who are affected to protect them and taking steps to improve cyber security protocols, among other things. Again, this was part of their crisis management and each company as part of their business resiliency, they should have a crisis management. Before we proceed any further, I have a public announcement about my company, farhatlectures.com. Farhat accounting lectures is a supplemental educational tool that's going to help you with your CPA exam preparation, as well as your accounting courses. My CPA material is aligned with your CPA review course, such as Becker, Roger, Wiley, Gleam, Miles. My accounting courses are aligned with your accounting courses, broken down by chapter and topics. My resources consist of lectures, multiple choice questions, true-false questions, as well as exercises. Go ahead, start your free trial today. There are several steps involved in crisis management, which are what? The first one is to be proactive and how do you how do you be proactive? Identify potential steps. So the first step is to identify potential crisis that could affect the business. And basically, this step, too, is taken when you have an organization continuity planning. Basically, you will try to be proactive and assess the risk that you can face, identify possible threats and vulnerabilities. But here, you're identifying those vulnerabilities and trying to prepare a response in terms of crisis management. Then you develop a crisis management. That's the second step. And this plan should include procedures for responding. Now you have in the steps procedures for responding to crisis, identifying who's going to be affected and how are you going to communicate to them? What you do is you establish a team, a crisis management team, and you guys are in charge. Once something happened, including key personnel from various departments to coordinate a response to a crisis. And this team obviously should be prepared, trained to respond quickly and effectively. You don't just assign them, you train them, you give them some resources so they can put their act together. And effective communication is the most important thing during crisis because we need to know what's going on. There's going to be a lot of confusion. Therefore, the crisis management team should communicate with stakeholders, including employees, customers, supplier, media, government entities, regulatory bodies, if necessary, to provide timely and accurate information. You don't want someone else providing the information during crisis. For example, some people on Twitter or some people on social media, you want to control this. How do you do that? You have a team communicating the information in a timely manner and accurately. You got to test the plan. This includes activating the crisis management team, basically drills, communicating with these stakeholders and taking steps to mitigate a scenario of a crisis. What's its impact? And obviously after the crisis occur or maintained, it's important that you evaluate the response and identify areas for improvement because crisis will happen. And you may not be perfect in responding, but you got to learn from it. This includes reviewing crisis management plan and procedures, identifying any gaps or weaknesses and making changes as needed. And at the end of the day, what you do after you go step five, you update the crisis plan. So based on the evaluation of the response, you should update and revise the plan as needed to ensure that the organization is prepared for the future crisis. That is always inevitable. If you're a company, you're going to face crisis. You got to be prepared on how to deal with crisis. This should be part of your business resiliency plan. So this is basically the third component of a business resiliency plan. The fourth component is disaster recovery or disaster recovery plan, which we'll discuss in the next session. What should you do now? Go to Farhat and look at additional resources, MCQs, if you're studying for your CPA exam or any other certification. Good luck, study hard and invest in yourself.