Skip to content

CRI: Crisis Management

Document Type

Code: CRI
Name: Crisis Management
Domain: Risk & Governance

Abstract

This specification defines the Crisis Management document type within the BSpec 1.0 Universal Business Specification Standard. It addresses acute, high-impact events that threaten operations, reputation, or continuity.

Purpose and Scope

Crisis Management defines severity-classified response playbooks, executive communication, and command structure for high-impact disruptions that go beyond routine incidents.

Document Metadata Schema

yaml
---
id: CRI-{crisis-program}
title: "Crisis Management — [Program Name]"
type: CRI
status: Draft|Review|Approved|Active|Deprecated
attribution_required: false
version: 1.0.0
owner: Crisis-Lead|COO|Leadership-Office
stakeholders: [leadership-team, operations, legal, communications, finance]
domain: risk-governance
priority: Critical|High|Medium|Low
horizon: tactical
visibility: internal

depends_on: [INC-*,OPS-*,RSK-*]
enables: [BCR-*]

severity_levels: [observe|warn|major|critical]
activation_thresholds: [revenue, safety, regulatory, reputational]
incident_command: [incident-commander, communications-lead, legal-lead, restoration-lead]
review_cycle: annual
---

Crisis Framework

  • Detection and Escalation: Trigger conditions and activation flow.
  • Command Structure: Roles, decision authority, and communication cadence.
  • Mitigation Actions: Containment, mitigation, and stabilization priorities.
  • Recovery and Reconstitution: Return-to-normal plan and post-incident review.

Validation Checklist

  • [ ] Severity thresholds and activation criteria are explicit.
  • [ ] Crisis command chain and authority are documented.
  • [ ] External and internal communication templates are defined.
  • [ ] Closure and lessons-learned process is documented.

Released under the MIT License.