All About Incident Communication: What it Is, How to Do It, and Why It’s Crucial for Business

No matter how much you try to avoid it, incidents are bound to happen. And while your first instinct is to resolve the issue, it shouldn’t be your only priority.

By solely focusing on solving the problem and not communicating it to affected stakeholders, like team members and customers, you’re actively making the situation worse.

• Mitigate the effects and damages of incidents
• More efficiently and effectively resolve an issue
• Strengthen customer trust and loyalty
• Improve customer experience
• Minimize the spread of misinformation

In this article, we’ll discuss what’s incident communication and how to create a strong incident communication plan.

What’s Incident Communication?

Incident communication is your internal (your organization) and external (your customers) communication strategy whenever an incident occurs. It helps you quickly decide which parties to involve, what to tell them, and the best communication channels to use.

For example, when an employee detects a security breach, they’ll know to call your security manager right away. Plus, you'll already have a PR strategy on hand, so your customers are secure in the knowledge that you're working to best resolve the issue, even before they discover one exists.

This is as opposed to your employee reporting the incident to their supervisor, who’ll inform management and then the appropriate departments. And by the time you take the necessary action, your customers have left you for your competition due to a bad experience.

In other words, incident communication prevents any small incident from turning into a full-blown crisis.

How to set up a strong Incident Communication strategy

While you can’t control the how, when, and why of emergency situations, you can control how your team responds to them. With a strong incident communication strategy, your team takes proactive steps to minimize the damages of a crisis.

1. Identify the different types of incidents

Different incidents require different levels of responses. That’s why you need to identify the potential incident and classify them according to severity. By doing so, your employees know the right course of action, instead of guessing what steps to take.

For example, when your servers slow down due to the incoming traffic of a Black Friday sale, you can categorize it as Low Severity. Thus, your organization will know that a public announcement is enough to inform customers and you don’t need to escalate the issue to upper management.

On the other hand, if you have a bug that prevents iPhone users from using your application, you’ll need more than just a public announcement. You’ll also need to address iPhone users separately from Android users as the latter will find the news irrelevant. Plus, you’ll need to involve your IT department so they can fix the bug.

2. Clearly define the roles and responsibilities of your crisis team

Not everyone should be involved in handling a crisis. Too many hands can make for slower and more inefficient work.

Instead, appoint a select number of people to be major incident managers, communication managers, customer support lead, and other roles. These appointees should understand their responsibility and should be well-trained in handling various emergency scenarios.

Next, inform your entire team of the escalation process, so they immediately know who to approach once they detect an issue.

For example, Gitlab published its incident communication plan. In this plan, they defined the roles and responsibilities of their crisis team, and listed how and when to update stakeholders:

• Security Engineer on Call - validates the incident and takes action against it. They must also alert the Director of Security and VP of Security once the severity of the incident has been identified and give updates every 30 minutes. While they need to inform the Director of Corporate Marketing and Director of Communications as soon as they spot an issue.
• Communications Manager on Call - coordinates the internal communication efforts and makes sure that all parties are updated.
• Security External Communication on Call - determines how to communicate the incident to users.

Gitlab even takes its crisis role one step further by letting the public contact their crisis team when they detect an issue. This way, they can resolve a concern before it evolves into a problem for your entire business.

3. Select your communication channels

Delayed communication means delayed solutions.

Aside from identifying your incident levels and crisis team, you also need to select your communications channel for internal and external announcements. Maybe you’ll use Email for external communications and SMS for internal, but you need to choose the right channels to get the message out and make sure it’s received.

No CEO wants to be the last person to know about the data breach in their organization. At the same time, you don’t want your users to discover the breach on their own. If they do, it can damage their trust in your organization and you can also lose your credibility and authority as a business.

As much as possible, you want to contain the spread of panic and misinformation once an incident happens.

One such poorly handled incident was when Facebook experienced an outage on April 8, 2021. While one of their first steps was to announce the situation to their users, they couldn’t. That’s because they hosted their status page on the same infrastructure affected by the outage.

The result?

Users weren’t only unhappy, but they moved to competitors like Twitter and TikTok, which caused Facebook thousands of dollars in lost revenue.

4. Create pre-written templates

You’d want to clearly communicate the scope of an incident with the snap of a finger.

But you can’t do that if you have to write your public announcements and internal messages from scratch. Without a pre-written template, your team will have to take away from actually solving the issue into figuring out how to frame the message.

Worse, if your team takes too long to compose the message, your users will take it as a reflection of your business—disorganized, unprofessional, and incapable.

The best way to avoid this is by creating pre-written templates for your public announcement, internal messages, FAQs, etc., so you can disseminate them immediately once the incident happens. This also ensures that all communications are consistent with each other.

Include a list of commonly used keywords in your public message to ensure that everyone understands what you’re saying. But don’t hesitate to deviate from the script if necessary—you're obligated to give accurate information at all times.

5. Prepare an action plan during the incident

While alerting the necessary parties of an incident is the first step of an Incident Communication strategy, it shouldn’t stop there.

You also need to continuously update your team members, stakeholders, and users on the development of the situation and when it’s resolved. You also have to identify what types of situations need a post-mortem report and which don’t.

You can summarize your plan in 4 steps:

1. First contact - This is the first time you’re alerting users on an issue. You should:

   1. Acknowledge the issue
   2. Summarize the impact of the issue
   3. Inform them of what you’re doing right now to resolve it
   4. Inform them to stay tuned for further updates

2. Status update - Keeping your users updated is critical in customer service. Without regular updates, your customers will start to distrust your organization and your capabilities in handling issues. You’d want to give updates every so often, depending on the severity of the incident. At the same time, you don’t want to flood users with unnecessary updates for small incidents.

3. Resolution - Don’t leave your users hanging after informing them of an issue. They’d want to know if it has been resolved so they can go back to doing business with you. Or they should know when to start taking necessary precautions to protect themselves against a situation like data breaches.

4. Post-Mortem - The post-mortem process brings your team together to uncover the cause of the incident and make sure your team is on the same page. You can choose to do this in a meeting or even by publishing the takeaways of the incident with customers and your whole organization. Whatever you decide, make sure you aren't pointing fingers and that you conduct your post-mortem quickly after the incident.

To decide when you need to do a post-mortem and when to skip it, set up a threshold within your company. That way, incidents with a high severity level automatically pass the threshold and trigger a post-mortem. And for those that don’t, opt to allow your team leads or management a process to request a post-mortem when they think it is still necessary for low level incidents.

Why communication is key to ending an incident

Human error causes 95% of cybersecurity breaches, meaning not all incidents are avoidable and predictable. When they do occur, you’d want to resolve them as efficiently and effectively as possible. And the only way to do that is with strong incident communication.

Incident communication allows you to accurately and clearly inform your teams and stakeholders of the scope of the situation so they can take immediate action. At the same time, you continue to gain the trust and loyalty of your users by being transparent and honest.

However, incident communication is only as good as the tools you have. If you’re wasting valuable resources on:

• Redundant inquiries from customers asking for situational updates
• Miscommunication among team members during a crisis
• Manually monitoring incidents

Then it’s time to invest in the proper tools that will get your team in top shape.

StatusPal makes incident communication effortless. We closely monitor your services and automatically alert you when a service goes down and recovers. We also integrate with Slack for easier and faster team communication, and MailChimp and Twitter, so you can quickly update your users.

Most of all, we help you minimize further damages so your team can focus on actually solving the problem.

Want to find out how else we can help you? Book a demo with us today.