Writing Emergency Plans

Most leaders fear crises, but crises unlock growth. My 5-step framework shows how. I’ve spent over 20 years guiding founders through tough times - turnarounds, pivots, and moments when the future felt uncertain. I've learnt that chaos is not the end. It’s often the start of something better, if you have a system you trust. A client story stands out. They faced economic challenges that threatened their business. By using my 5-step framework, they went from survival mode to a turnaround in 6 to 12 months. No magic, just discipline, hard work and a repeatable system. Here’s the framework that made the difference: 1. Assessment ⇀ Take a clear look at what’s really happening.  ⇀ What are the facts? Where are the issues?  ⇀ Be honest about strengths and blind spots. 2. Alignment ⇀ Make sure everyone is on the same page.  ⇀ Get buy-in from your team and partners.  ⇀ Set the vision and share it often. 3. Action ⇀ Move quickly on what matters most.  ⇀ Build a plan and break it into steps.  ⇀ Start with the hardest task first. 4. Acceleration ⇀ Once you see progress, increase the pace.  ⇀ Remove slow parts, double down on what works. ⇀ Keep the team focused. 5. Assurance ⇀ Check results, and adjust your plan.  ⇀ Celebrate wins and learn from setbacks.  ⇀ Support your team. Reflect on these steps for your next business pivot: ➞ What is your real starting point? ➞ Who needs to be aligned for success? ➞ What action can you take today? ➞ Where can you speed up? ➞ How will you get assurance? Growth often hides behind a crisis and the right framework could turn your fear into clarity and momentum. I know economic times are tough for many business owners, but please keep going. Your next breakthrough could be closer than you think.

Everyone is facing challenges right now. At the core, what we all want is to feel secure, supported, and capable of moving forward. The reality is, many are still navigating challenges: → Teams strained by constant change and uncertainty → Leaders juggling impossible priorities with limited resources → Employees grappling with burnout and the pressure to perform Here’s what people truly need: 1. Clarity of Purpose: People need leaders to articulate the “why” behind actions and decisions, especially in uncertainty, so teams can focus on what truly matters. 2. Psychological Safety: Leaders must create an environment where team members feel safe to speak up, share ideas, and express concerns without fear of judgment or retaliation. 3. Support for Vulnerability: Encouraging openness, admitting mistakes, and modeling vulnerability helps teams navigate challenges together. 4. Shared Accountability: Leaders need to ensure that responsibility is shared, not just top-down, so the team feels collectively committed to results. 5. Guidance in Conflict: Leaders should coach teams to embrace constructive conflict and ask the hard questions (“What’s not being said?”) rather than avoiding tension. 6. Consistency and Presence: In hard times, people need leaders who are visible, engaged, and steady, providing reassurance through consistent actions. 7. Empowerment for Growth: Leaders should continue to invest in people’s development, even under pressure, showing that growth and learning remain priorities. 8. Trust in the Team: People need leaders who trust them to make decisions and take ownership, rather than micromanaging during crises. 9. Transparent Communication: Sharing as much information as possible, even if imperfect, helps people understand the reality of the situation and reduces fear of the unknown. 10. Commitment to Co-Elevation: Leaders must demonstrate that even in hard times, the team’s success and growth matter as much as individual goals, lifting each other up together. This is the kind of leadership that makes a real difference.

Land the plane. If you’re in it right now, dealing with a missed goal, a major bug, a failed launch, or an angry keystone customer, this is for you. In a crisis, panic and confusion spread fast. Everyone wants answers. The team needs clarity and direction. Without it, morale drops and execution stalls. This is when great operators step up. They cut through noise, anchor to facts, find leverage, and get to work. Your job is to reduce ambiguity, direct energy, and focus the team. Create tangible progress while others spin. Goal #1: Bring the plane down safely. Here’s how to lead through it. Right now: 1. Identify the root cause. Fast. Don’t start without knowing what broke. Fixing symptoms won’t fix the problem. You don’t have time to be wrong twice. 2. Define success. Then get clear on what’s sufficient. What gets us out of the crisis? What’s the minimum viable outcome that counts as a win? This isn’t the time for nice-to-haves. Don’t confuse triage with polish. 3. Align the team. Confusion kills speed. Be explicit about how we’ll operate: Who decides what. What pace we’ll move at. How we’ll know when we’re done Set the system to direct energy. 4. Get moving. Pull the people closest to the problem. Clarify the root cause. Identify priority one. Then go. Get a quick win on the board. Build momentum. Goal one is to complete priority one. That’s it. 5. Communicate like a quarterback Lead the offense. Make the calls. Own the outcome. Give the team confidence to execute without hesitation. Reduce latency. Get everyone in one thread or room. Set fast check-ins. Cover off-hours. Keep signal ahead of chaos. 6. Shrink the loop. Move to 1-day execution cycles. What did we try? What happened? What’s next? Short loops create momentum. Fast learning is fast winning. 7. Unblock the team (and prep the company to help). You are not a status collector. You are a momentum engine. Clear paths. Push decisions. Put partner teams on alert for support. Crises expose systems. And leaders. Your job is to land the plane. Once it’s down, figure out what failed, what needs to change, and how we move forward. Land the plane. Learn fast. Move forward. That’s how successful operators lead through it.

Your stomach drops. Slack is on fire. This isn’t just a crisis—it’s the moment that makes you. Handling high-stakes moments isn’t a bonus skill. It’s 𝘵𝘩𝘦 leadership skill. Here’s what separates those who bounce back stronger from those who don’t: 1. Own the outcome → Use active language: “We deployed a change that caused the outage,” not “The system failed.” → Show up. Be visible. → Skip the explanations initially — lead with acknowledgment → Own the full impact, not just your part → Roll up your sleeves alongside the team → Ask “How can I help?” — not just “When will it be fixed?” 2. You’re communicating even when you’re not → Send regular updates, even if there’s little new info → Set clear expectations for the next update (and meet them) → Differentiate clearly between what you know and don’t → Be transparent about severity and impact 3. Don't let a good crisis go to waste → Document lessons while the experience is fresh → Share learnings beyond your immediate team → Turn insights into system improvements → Use the crisis to upgrade your playbooks These actions build something more valuable than a crisis-free record: Unshakable trust. Teams trust the leaders who show up. Stakeholders remember the ones who stay steady under pressure. Your toughest moments are your biggest opportunities for leadership growth. What’s one crisis that changed how you lead?

HSE CHECKPOINT Daily HSE Checkpoints: • Workplace Inspections: Check for hazards, ensure proper PPE use. • Tool/Equipment Checks: Ensure tools are in good condition. • Incident Reporting: Review accidents or near-misses. • Safety Briefings: Pre-shift safety meetings. • Housekeeping: Maintain a clean, hazard-free work area. Weekly HSE Checkpoints: • Risk Assessments: Update based on weekly tasks. • Safety Training: Address training gaps. • Safety Audits: Perform detailed safety checks. • Incident Logs Review: Analyse and address trends. • Emergency Drills: Practice safety protocols. • PPE Inventory: Ensure proper PPE usage and stock. Monthly HSE Checkpoints: • Comprehensive Safety Inspections: Review the entire facility. • Compliance Review: Check adherence to regulations. • Incident Analysis: Review safety data and trends. • Environmental Audits: Assess environmental compliance. • HSE Performance Review: Analyse overall safety performance. • Management Meetings: Discuss progress and set goals. Yearly HSE Checkpoint: • Comprehensive Safety Audit: Conduct a thorough audit of the entire workplace, including systems, equipment, and processes. • Regulatory Compliance Review: Ensure full compliance with local, state, and federal regulations and update procedures as needed. • Long-Term Risk Assessments: Review and update risk assessments for all areas, including new and evolving hazards. • Health and Safety Policy Review: Evaluate and update the company’s HSE policies and procedures based on performance data and any regulatory changes. • Emergency Response Plan Update: Review and revise emergency response plans, ensuring they are effective and well-practiced. • Training Needs Assessment: Identify and plan for any advanced or new safety training requirements for employees. • HSE Performance Report: Analyse and document the year’s safety performance, identifying successes, trends, and areas for improvement

ISO 45001:2018 Checklist – Are You Ready for the Audit? Getting ready for a certification or surveillance audit for ISO 45001? Here’s a concise checklist to help you assess the essentials: 1. Organizational Context Analysis of interested parties Identification of internal/external issues 2. Leadership & Worker Participation H&S policy communicated Roles and responsibilities defined Worker consultation & participation in place 3. Planning Risk & opportunity assessment SMART H&S objectives Action plan implemented 4. Support H&S training and competence Internal and external communication Documented information available 5. Operation Effective operational control Management of change Emergency preparedness and response 6. Performance Evaluation Monitoring and measurement of H&S performance Internal audits conducted Management review held 7. Improvement Nonconformity handling Corrective actions tracked Continuous improvement demonstrated #ISO45001 #OHSMS #QHSE #InternalAudit #WorkplaceSafety #HSE #ManagementSystem

Safety Officer Documents Checklist A List of Essential Documents Every Safety Officer Must Maintain 1. Health and Safety Policy and Plans Health and Safety Policy Statement Site-specific Health and Safety Plan Emergency Response Plan Fire Safety and Evacuation Plan 2. Risk Assessments and Control Measures Risk Assessment Reports Safe Work Method Statements (SWMS) Hazard Identification Reports (HAZID) COSHH (Control of Substances Hazardous to Health) Assessments Job Safety Analysis (JSA) 3. Training Records Induction Training Records Toolbox Talk Attendance and Records Specific Training Records (e.g. Working at Heights, Confined Spaces, Hot Work, H2S, First Aid) Competency Certificates for Workers Refresher Training Records 4. Equipment and Machinery Records Equipment and Machinery Inspection Reports Lifting Equipment & Scaffolding Certificates Maintenance Logs (Tools and Equipment) PPE (Personal Protective Equipment) Issuance Records Calibration Certificates (where applicable) 5. Incident and Accident Records Accident / Incident Investigation Reports Near-Miss Reports First Aid Treatment Logs RIDDOR Reports (if applicable) Lost Time Injury (LTI) Records Return-to-Work Certificates 6. Inspection and Audit Records Daily Site Inspection Checklists Weekly / Monthly Safety Audit Reports Fire Extinguisher Inspection Logs Housekeeping Inspection Reports Corrective Action Reports (CAR) 7. Legal and Compliance Documents Local Regulatory Permits and Approvals Environmental Impact Assessments (EIA) Work Permits (Hot Work, Confined Space Entry, Excavation Permits, Electrical Isolation) OSHA / ISO / Local Compliance Certificates Safety Data Sheets (SDS) 8. Worker Records Medical Fitness Certificates Attendance Sheets for Safety Briefings Incident and Disciplinary Reports Worker Identification and Certification Copies 9. Environmental Management Documents Waste Disposal Records Environmental Monitoring Logs (Noise, Dust, Water Quality, etc.) Spill Response and Incident Reports Energy and Resource Usage Logs 10. Communication and Notices Safety Meeting Minutes (HSE Committee, Management Meetings) Non-Compliance Notices / Corrective Action Notices Displayed Safety Posters and Signage Records Safety Bulletins and Alerts Distribution Log 11. Emergency Preparedness Records Fire Drill and Evacuation Drill Reports Emergency Contact Lists First Aid Kit Inventory Logs Emergency Equipment Inspection Records 12. Contractor and Subcontractor Records Contractor Safety Induction Records Subcontractor Risk Assessments and Method Statements (RAMS) Subcontractor Competency and Training Records Work Permit Compliance Records 13. Proactive and Reactive Monitoring Records Proactive Monitoring: Number of Risk Assessments Conducted Safety Inspections and Walkthrough Reports Reactive Monitoring Incident / Complaint Records Ill Health and Occupational Disease Cases #SafetyAwareness #SafetyOfficer #SafetyDocument

💥 40,000+ CVEs were published in 2024. But attackers only needed a few dozen to cause global chaos. So here’s the real question: Which ones actually mattered? 🧠 We analyzed over a thousand vulnerabilities this year — not just for their CVSS score, but for their exploitability, visibility, and blast radius across the supply chain. And what we found was striking: ➡️ Most exploited CVEs were NOT the highest rated by CVSS. ➡️ Many companies are still using KEV lists as the only prioritization lens. ➡️ And too many vulnerabilities were exploited before most teams even knew they existed. 🎯 That’s why we built the 2025 Supply Chain Vulnerability Report: a roadmap for how to move from theoretical risk to real-world risk management. 👇 One of my favorite views from the report — the “High Probability, High Impact” zone that combines Severity, Exploitability, and Exposure. 🔗 Read the full report here: https://lnkd.in/d3j-kffw 🙌 Massive kudos to the BRITE team at Black Kite, especially Ferdi Gül, our senior vulnerability researcher, who relentlessly analyzed CVEs all year long. His work is behind most of the insights in this report. It’s rare to see that level of precision and persistence — and it made all the difference. 🙏 And thank you to the team at VulnCheck, especially Patrick Garrity 👾🛹💙, for publishing their excellent 2024 Vulnerability Report. Their research helped us benchmark and contrast CVEs that were exploited in the wild vs. the ones BRITE flagged as high risk. Community collaboration makes us all better.

Crisis Maps: Your Silent Advantage When Chaos Strikes In the world of risk, timing is everything. When a critical incident occurs—a cyberattack, data breach, natural disaster, or reputational blow—organizations have minutes, not hours, to act. Yet many still rely on static documents or fragmented threads to coordinate their crisis response. This is where crisis maps shine. More than a visual tool, a well-designed crisis map offers an immediate, shared understanding of what needs to happen, who does what, and in what sequence. In times of uncertainty, this clarity isn’t just helpful—it’s a competitive advantage. A crisis map is a structured visual guide that helps organizations manage high-impact events through a consistent and pre-established response flow. It fosters critical thinking, streamlines collaboration, and eliminates ambiguity—especially when pressure is high and time is short. These maps don’t replace automated systems; they work in synergy with them. As companies deploy automated threat detection, SOAR; and even AI-powered decision-making systems, crisis maps provide the governance overlay that ensures such tools align with strategic, ethical, and regulatory expectations. Integrating crisis maps into a broader GRC program is not only strategic—it’s essential. Governance defines who makes decisions and why. Risk management assesses what threats are likely and how damaging they could be. Compliance ensures responses adhere to legal, ethical, and regulatory standards. Crisis maps bridge all three by converting policies and risk scenarios into executable, intelligible workflows. They support consistency, cross-functional action, and accountability—even when key steps are executed by intelligent systems in real time. The rise of AI and automation doesn’t eliminate the need for human leadership—it heightens it. A crisis map ensures automated detection and containment tools (e.g., for ransomware or data loss) operate within a structured framework. They also define when systems must escalate to human teams, ensuring transparency and control. The map becomes the logic that binds machine-driven response to oversight—critical when legal, reputational, or ethical decisions arise. It also bridges operational response with external communication, which cannot be fully automated. This approach aligns naturally with leading ISO standards: ISO 22301 - ISO 27035 - ISO 37301 - ISO 31000. Now more than ever, preparation is power. Waiting for disruption to build your response is like buying insurance during an earthquake—it’s too late. A crisis map provides a repeatable, organization-wide process to integrate people, technology, and decisions—across physical, digital, and strategic layers. It helps leaders activate the right actions at the right time. In an age of AI-powered automation, cyber threats, and growing regulatory pressure, those who have a map won’t just survive. They’ll lead—confidently, compliantly, and with purpose.

In a crisis, you don’t rise to the level of your plan—you fall to the level of your governance Everyone loves to talk about how they'll lead in a crisis. They’ll “step up.” They’ll “own it.” They’ll “rise to the occasion.” But here’s the truth no one likes to admit: 👉 In a real crisis, you don’t rise to the level of your ambition—you fall to the level of your systems. To the quality of your governance. To the strength of your escalation paths. To how well your team can make decisions when everything's on fire. 🧯 Leadership in regulated industries hits different! When you’re building in a regulated space, it’s not just about moving fast—it’s about moving responsibly. & that means governance isn’t paperwork. It’s operational infrastructure. It’s what ensures: 🔐 Material issues are flagged before they become headlines 📣 The right people are informed at the right time 🧭 Decisions are made with clarity—not panic 📝 Regulators see consistency, not chaos According to the Institute of Risk Management, 87% of reputational damage in regulated companies happens not because of the event itself—but because of poor handling & late communication. 🧠 What I tell executive teams (From a CEO who’s been there) I’ve led regulated entities through fast growth, audits, incidents, even acquisition. The one thing that separated those who survived from those who spun out? Crisis-ready governance. Here’s what I tell my leadership teams: 1. Build your escalation paths like emergency exits. Clear, fast, practiced. 2. Log everything. If it’s not written down, it doesn’t exist. 3. Have someone who owns the ugly scenarios. Risk management isn’t a deck—it’s a discipline. 4. Practice when it’s calm. Because when it’s storming, it’s too late. 🔍 Governance ≠ bureaucracy. Governance = trust. It’s easy to dismiss governance as overhead. Until the day you need it. & then suddenly—it’s everything. Because governance isn't about control. It's about credibility. With your board. With your regulator. With your people. If you're leading in a regulated industry, remember this: Plans are theory. Governance is muscle memory. When things go wrong—& they will—your systems kick in before your speeches do. So, don’t just plan for the perfect day. Lead for the worst one. #Leadership #CEO #Governance #Compliance #Regulations #RiskManagement #ExecutiveLeadership #RegulatedIndustries #CrisisManagement #Management #Regulation #CEOs #Trust #Crisis #Reputation #Communication