As we mark the third anniversary of 9-11, it is important to recognize that many organizations are beginning to let down their dukes. The efforts to update crisis communications plans and disaster recovery plans have lost some of the urgency that propelled them to become priorities in years past. As a result, many organizations have not updated their plans in the past couple years.

Ensure these plans remain as usable as they were when first developed requires periodic updates.

This checklist is designed as a prompt to stimulate further questions. Each of the vulnerabilities listed below should be considered and explored. One approach that can be used productively is to circulate the list to your organization''s executive team and to the crisis response team if they are not the same, and request that they consider how each applies to your organization. As a part of the exercise I would suggest that they also try to think of specific examples that match each of the categories. This might prompt them to take the idea on board as a realistic possibility rather than a hypothetical concept.

Step two is to convene a group meeting to discuss, prioritize and formulate potential responses to each conceivable scenario. Defining which of the potential scenarios constitutes a crisis and warrants that activation of your organization''s crisis response plan is essential. Otherwise, you may find yourself in the midst of a crisis that nobody has identified as such. Another important outcome of this process is to dispel the ‘It can’t happen to us" mindset.

The list is not exhaustive and any other areas that come to mind should be noted and explored in the same manner.

1. Fatality: where an employee or customer dies as a result of your organization''s processes or products.

2. Succession: where the organization''s leadership is in question due to the death or failing health of a chief executive.

3. Security: where there has been a breach of your organization''s security that puts employees or the community at risk.

4. Activism: where your organization is the subject of organized criticism or protest.

5. Health and safety issues: where the brand or image is likely to be associated with what are perceived to be harmful outcomes.

6. Employee discord: where employees or recently separated employees publicly attack the company''s leadership or processes.

7. Workplace violence: where an employee is harmed or threatened on the job either by another employee, former employee, customer or person off the street.

8. Litigation: where your company or executive is the subject of potentially harmful legal action.

9. Brand attack: where others who might have a vested interest in the demise or decay of your business knowingly attack the brand or image.

10. Regulatory: where your organization''s practices are the subject of an investigation.

11. Quality issues: where doubts are cast on the suitability of the product or service or the value for money it represents

12. Legislation: can affect the brand or image in all sorts of ways. Infringements of existing legislation are one aspect and changes of legislation are another.

13. Racial issues: those where the product or services has a racial connotation this would normally be purely accidental through lack of knowledge or it might occur through some change of fashion or custom.

14. Environmental issues: where the public, or sections of the public, have real or imagined concerns about the environmental impact of a product in its manufacture, distribution or its use.

15. Animal rights issues: where the public, or sections of the public, have real or imagined concerns about the impact on animal life.

16. Human rights issues: where the public, or sections of the public, have real or imagined concerns about their rights or the rights of others.

17. Implication by association: where a company, its products or services are deemed to be in league with others who have a poor image some reason or another.

18. Forces of nature: where the destructive forces of nature put employees or customers at risk or have a detrimental effect on the way in which a company sources its materials, creates its products or delivers its services.

19. Personal issues: where the brand, or image, is liable to suffer simply because of its association with an individual who appears to have offended the public though his or her actions, words or beliefs.

20. Criminal acts: where someone closely associated with the brand or image appears to have committed a criminal act.

Because many organizations naturally have difficulty identifying their own potential flaws, conducting a vulnerability assessment is often best guided by a person or team outside the organization. The process should provide you with a sense of perspective about the potential threats to the reputation of brand or organization. Unless you emerge with the view that your brand is bullet proof we would expect you to want to take steps to protect and enhance this valuable asset. Those steps are relatively simple. The organization needs to consider various approaches to responding to these scenarios and practice in real-world settings. What messages should be communicated, to whom and how? These questions are not difficult to address while planning. The wrong time to be considering these questions clearly is in response to an emergency, a catastrophe or a disaster.

DPK Public Relations can help your organization conduct a vulnerability assessment as part of its Crisis Planning and Response service. We also offer scenario training for organizations interested in testing their ability to make decisions under pressure that advance their interests while also strengthening their brand''s reputation. Contact Dan Keeney, APR at or call 214-432-7556.