Virima V6.0 will soon be available with an all-new look, enhanced discovery, mapping and vulnerability features and more. Stay tuned!

Incident management: communication best practices

Incident management Communication best practices

Incidents are a part of business, particularly for companies with a large dependency on technology and data. 

When major incidents happen, business processes, the ability to deliver products and services to customers and/or the ability to ensure the security and integrity of company data are often compromised.

The effects of major incidents may be most immediately visible in the form of operational impacts, but the big and lasting impacts are your company’s reputation with shareholders, regulators and customers.

 Managing the reputational impact on business should be the central goal of a company’s incident management communication plan. 

This is good for incident managers because perception is entirely within their control.

Why stakeholder communications are important

The reason you must be diligent and deliberate about your stakeholder communications during a major incident is because you are controlling the narrative and version of events to which people can respond. 

Without a clear and organized incident management communication plan, customers will seek their own version of facts and develop opinions on the event’s impacts, ultimately spinning the narrative based on their perspectives and biases. The public narrative can often lead to dangerous repercussions; hence, proactive stakeholder communication is important. 

Virima will help your incident responders identify the stakeholders who must be engaged and how to communicate, so the interactions can be direct and consistent and will develop stakeholder trust.

How to prepare for incident communication

 Whether it’s a minor issue or a full-blown disaster, you need to be able to communicate what happened and what your organization is doing about it.

But before you can communicate incidents, you need to define what constitutes an incident. The first step in incident management is identifying the problem. If you can’t identify the problem, it’s hard to know how to fix it.

Once you’ve identified what’s going wrong, it’s time to determine how severe the issue is. Severity is determined by measuring how much harm an issue could potentially cause. 

Once you have identified the severity of an issue, you can communicate to your customers about what happened and when they can expect things to be back up and running again.

Incident management best practices

One of the biggest mistakes organizations make with incident management is not having a plan in place.

They may have an incident management team, but they don’t have a plan for what to do when an incident occurs. This can be incredibly dangerous because it means that there’s no consistency in how incidents are being handled and reported. A few best practices for incident management include:

1. Identifying the stakeholders who are likely to be affected by an issue. These include customers, employees, investors, vendors and partners.

2. Having a reactive communications plan in place helps ensure that you’re responding to an incident in a way that will keep your customers informed and minimize damage to your reputation.

3. Determining what channels to use for communication. For example, social media as a channel of communication can be used to reach people who are active on these platforms.

4. Continuously training and testing the plan so that everyone knows what to do when the time comes. 

5. The incident response process should be balanced between speed and transparency: speed is important because you want to get your systems back up as quickly as possible and transparency is also important because it helps build trust within your organization.

6. It’s important that only authorized employees have access to customer data during an incident investigation—otherwise there could be privacy concerns or accidental leaks of confidential information. 

7. Encourage conversations with help desk staff and other employees who are involved in resolving the incident. This will help them feel more empowered and invested in the process of fixing things.

Communication plan

An effective stakeholder incident communication best practice is intended to guide perception by:

  1. Invoking a calm response to the situation — balancing a healthy sense of importance and urgency with a sense of controlled restraint.
  2. Instilling confidence in the team working on the issue that they know what they are doing and have control of the situation.
  3. Develop a common understanding of the situation’s technical issues and business impact to support thoughtful decision-making about actions that may need to be taken.

High-quality major incident management communication plan

To achieve these objectives and manage perceptions effectively, stakeholder communications must be targeted to the right audience, including the right amount of information, and communicate the impact and technical details of the situation in a way that allows recipients to understand what is occurring without being overwhelmed or mired in details.

They must also be assured that the information they are receiving is complete, current, and accurate — avoiding the need to search for supplemental information from other sources. How information is presented influences quality factors more than the content itself.

Using visualizations in stakeholder communications

As the saying goes, a picture is worth a thousand words. When incidents occur, many contexts have to be conveyed, and complexity must be separated so that stakeholders can focus on the pieces of the situation that actually matter.

Visualizations can help. IT systems operate within the context of business processes, physical locations, and dependency chains that are often difficult to depict in words. However, stakeholders can easily understand where the problem is and how it impacts them with the right picture.

Visualization and mapping capabilities like those found in Virima can depict the impacts of a major incident and be explained with simple business terms. It details what damages have occurred and what it connects to. These are the business processes, operations, or locations that use those components, systems, processes, etc., to complete the job.

Incident mitigation with visualizations

Incident mitigation steps can similarly be explained using visualizations. 

“We are redirecting the connections to provide partial service to users while we fix what is broken or we will deploy these network security guard capabilities around the edge of the environment to stop the attackers from entering from the outside”.

The words may be overly simple, but they can be simple because the picture is telling the rest of the story.

Stakeholder incident management communications are your primary control points when a major incident occurs. They create a common narrative and guide stakeholder perceptions about how well the incident is being managed and whether stakeholders must be alarmed. 

Virima can help you with incident management

With visualization capabilities from Virima, you can transform your operational data into pictures of the incident with the right shapes and colors, so your explanations are direct, concise, and impactful.

Virima is here to help. To get started, contact us today to schedule a demo and explore the possibilities!

Subscribe to Our Newsletter

More to Explore

Table of contentsIT Asset Management (ITAM) is an important part of every IT organizationManaging devices includes managing the entire lifecycle of assetsCybersecurity asset management elevates ITAM to the next levelITAM vs CSAM: Which is a better investment?Stay ahead of all…

Table of contentsThe most important concepts in the CMDBRelationship with other CMDB componentsDifferences between CI relationships and CI dependenciesWhat are configuration item (CI) relationships?Why do you need to define CI relationships?What are configuration item (CI) dependencies?Why do you need to…

Table of contentsIT discovery can be an effective tool for vulnerability managementStaying ahead of cyber threatsVirima Discovery uncovers vulnerabilities and automatically remediates them  Most of the world's largest companies have hit the headlines for all the wrong reasons due to…

As an IT manager, keeping up with emerging cybersecurity threats is daunting. With asset management taking on increasing importance in the digital age, failing to protect your data can have serious implications. For example, the SolarWinds Orion attack in late…

Table of contentsWhat is agentless asset discovery?Agent vs. agentless discoveryBenefits of using agentless discoveryWhen to use agentless discovery?How Virima’s agentless discovery streamlines the discovery processStreamline your IT asset discovery process with Virima What is agentless asset discovery? Agentless asset discovery…

The IT asset discovery process is an essential part of modern IT management. With the massive adoption of hardware and software and the cost of these technologies, it becomes necessary to ensure they are tracked and inventoried. An IT asset…

Table of contentsThe evolving role of ITIT service mapping – the journey so farThe ViVID advantageGetting the most out of your ServiceNow investmentWhen a single solution is not enough The IT department of the future isn't just about server farms…

Table of contentsWhat is IT discovery?Why is a good IT discovery process important?Why should you invest in IT asset discovery1. Invest in the right technology2. Gain visibility of your digital environment3. A proactive security process4. Stay compliant with data security…

Table of contentsUnderstanding the service ecosystemIdentifying the change eventsPrioritizing service impactService mapping is critical to your change management plan1. No more guesswork about ‘what changed’ in your IT environment2. Identify quickly what caused a service outage and respond immediately3. Determine…

Table of contentsKeeping CMDB accurate and up-to-date with application dependency mapping Reducing IT complexity with dynamic visualization of complex CMDB relationshipsAddressing security vulnerabilities on a day-to-day basisStrengthening regulatory compliance Cloud migration and cloud cost optimizationLowering overall IT investment by streamlining operationsTackle your…