I spent a little time commenting on the latest technical specification on guidance for crisis management – a very well written, extensive, informative and thorough document. ISO and National Standards can be highly sophisticated tools for addressing these issues, provided you have experts who understand the issues.
There are two issues at stake here – how you do it, and what you do. The ‘how’ is the strength of the traditional Deming approach coupled with standard risk management and similar tools – which is where i seem to spend large amounts of my life. The ‘what’ is where you need the sector specific experts to cover all the items relevant to the organisation in question.
As ever, success or failure depends on the scene setting in the organisation. You must have top management policy supporting the subject and creating both the need and the ability. Then the organization can plan, write, implement, check and improve the system(s) as needed. This is what i call the four I’s; Identify, Implement, Examine, Improve ( you have to pronounce Examine carefully, and if the addition isnt good enough, then i might add a ‘reserve I’ – Integrate).