When critical incidents interrupt business operations, communicating current and potential impacts is key to ensuring seamless workflows and maintaining shared knowledge and objectives among stakeholders.
So, teams must have an internal incident communications plan to ensure the successful remediation of critical incidents. Which is why this post offers a comprehensive guide to providing efficient and relevant internal status updates during crises.
Internal incident communications is a practice where incident responders deliver routine status updates to relevant stakeholders over the course of an incident. This offers internal stakeholders insight into many things regarding the incident including potential impacts, response efforts, and general incident details.
Overall, internal incident communications provide a centralized line of communication that facilitates enhanced collaboration, allowing teams to reduce response times and establish shared documentation to ensure aligned understanding and objectives.
It is clear why internal incident communications are necessary, considering the unpredictable nature of critical incidents. But it can be a struggle to determine who should be sending and receiving status updates to ensure the most effective incident response.
To make it easier, this is a baseline for who should be involved in internal incident communications:
During the resolution process, an incident commander is appointed to oversee incident response. Considering that this person has a comprehensive understanding about the incident, its impacts, and action steps taken towards resolution, they should be the ones delivering the status updates to internal stakeholders. Additionally, designating one person to deliver status updates, eliminates confusion considering that they have clear awareness of what information has already been delivered, guaranteeing message consistency.
After deciding who will deliver status updates, it is imperative to note who they will be sending them to and in what ways. Status updates should only be delivered to relevant stakeholders including the response team, managers and decision-makers, individuals who will be affected by the incident, and customer support. But it is not common that these groups require the same information, for example, responders will need detailed information that will enable them to remediate issues where management may only be interested in getting a general view of the situation. So it is important to establish clear recipients of certain information and deliver alerts accordingly to promote seamless incident response and internal communications.
Choosing the right tools for your team is paramount to their success, and picking a communication channel is no exception. There are many channel options for internal incident management communications, so these are just a few:
Many organizations rely on email for internal communications, so it is natural to turn to it for incident communications too. Email allows incident commanders to write detailed messages that can convey a lot of information to the stakeholders. Although it is very popular and allows long messages, email does have its downsides when discussing incident alerts. Oftentimes emails get cluttered with junk mail and ads, unfortunately pushing more important emails down, causing stakeholders to miss crucial incident updates.
Messaging platforms are another way for teams to communicate critical information to specific team members. Incident commanders can create group chats that allow them to deliver relevant information to specific groups of individuals. Group chats also facilitate seamless two-way communication, unlike emails where people get caught up in the “reply” or “reply all” battle. But again, this platform causes trouble with clutter. In many workplaces, these instant messaging platforms are used constantly, meaning stakeholders have many messages with varying severity, so determining which to open first can be a hassle, and if you choose wrong there is the possibility that you will miss out on urgent information.
Incident alerting platforms allow incident commanders to deliver distinguishable alerts to their team ensuring widespread awareness of critical incidents. This is a helpful fix for those cluttered inboxes, but what about delivering the right messages to the right people? Fortunately, it is common for these platforms to allow teams to create predefined groups using internal directories to ensure that information is filtered for them.
For incidents that may impact a wider range of people it is common to use a mass notification system. These platforms also allow incident commanders to pre-configure groups based on role, department or geographical area, so that they can inform larger groups about the impact incidents may have on them in particular. These systems are common for larger, more impactful incidents that affect stakeholders both internally and externally.
Some teams opt for a website that relays the status of an incident and is updated accordingly. This allows teams to be certain that they know where to find updates and don’t have to dig through cluttered inboxes. But, many times individuals will not be notified when an update is uploaded, reducing the speed at which people are viewing the update, decreasing the effectiveness of the status updates.
While overseeing critical incidents, incident commanders have significant responsibilities, so having an efficient and simple way to deliver incident updates is essential. Creating a well-structured template for incident alerts is highly effective when delivering timely updates because incident commanders can readily input relevant information into the predefined template. Typically these templates include when the incident occurred, impact on systems, services, and clients, actions taken, and any progress made. By outlining specific details, incident commanders can ensure that they are clearly and consistently communicating relevant information.
During incident response, internal updates that align with each phase must be made. It is also important to note that there could be multiple updates sent out within a phase. To simplify, here is the information that should be relayed during each phase of the incident response process:
Immediately after an incident is detected it is important that all stakeholders are promptly informed. So this update should introduce the incident and include when the incident occurred, known system or service impact, and next steps. This ensures that responders take action and that affected parties are aware of potential disruptions.
Once the incident response team has begun investigating an issue, they may identify potential causes and develop a plan for remediation. These are crucial details that must be communicated to internal teams. So, the incident commander should deliver an update that includes potential causes and action items, as soon as these details are surfaced to ensure efficient incident response.
The affected stakeholders have real-time visibility into the status of an incident, so by communicating with them during the remediation process, responders can evaluate the progression of the incident. During this phase, incident commanders should communicate, steps taken towards resolution, when those steps were taken, and how to identify the issue. This enhances collaboration and allows for immediate review of the success of the action steps.
Once an incident has been resolved, incident commanders should deliver a final incident update. This will allow stakeholders to confirm that the incident has been remediated and prepare them for the post-incident review.
While immediate status updates may sometimes be necessary, consistent communication is key. Teams should be made aware of when they will be receiving status updates to ensure seamless communication.
These are the best practices for internal incident communications:
Clear and concise language ensures widespread understanding among multiple stakeholder segments. Technical terms may not be common company wide and can cause miscommunication.
Templates allow incident commanders to streamline the distribution of critical information. They also ensure that vital information is always included in incident alerts.
Segmenting recipients allows incident commanders to avoid delivering irrelevant information to stakeholders. By delivering filtered alerts, teams can ensure clear and concise communication and prevent overwhelmed stakeholders.
Post-incident reviews are conducted after incidents are resolved and they require detailed documentation from the incident. By maintaining organized records of the alerts delivered throughout the incident, teams can successfully utilize them during a post-incident review.
Providing consistent updates keeps stakeholders up-to-date on all of the relevant incident information. This also enables collaboration which may in turn expedite incident response.
OnPage is a valuable asset that streamlines incident response and ensures the prompt delivery of incident updates.
OnPage offers a variety of features including:
Many times stakeholders miss updates when they are delivered through common communication channels including email or SMS. That is why OnPage provides teams with distinguishable push notifications that rise above the clutter, by bypassing the silent switch. This ensures that stakeholders never miss a critical status update.
OnPage allows teams to create groups based on roles within the internal directory, so that incident commanders can easily deliver the right updates to the right people. This expedites the alert delivery process and ensures seamless communication.
OnPage allows visibility into when an alert was delivered and read to ensure that incident information is promptly received and stakeholders are informed. This is also valuable data that should be recorded and stored for the post-incident review.