Crisis management and incident response services

Competing demands can make it difficult for organizations to identify threats and prepare for crises. EY Crisis Management & Incident Response Services support business leaders by helping them to identify and monitor potential threats, developing and testing crisis plans and teams, and responding with speed and integrity when an incident occurs.

What EY can do for you

In recent years, executives have become increasingly aware of the potentially devastating effects that an unexpected, or under-anticipated, crisis can have on their business.

How prepared are you for the next threat? Will a crisis affect operations in just one part of the business or lead to widespread disruption? Could it damage individual reputations or a company-wide brand? Or even threaten the very existence of the organization? Many organizations are unaware of the breadth of potential, ever-changing threats they may face and are not sufficiently prepared to manage them effectively.

Key questions to ask:

  • Can you identify your potential crisis threats? A crisis can come from anywhere, at any time. It may spring from an existing issue, hidden within the organization or develop slowly under the radar. It could be sudden, caused by external factors beyond control of leadership. Or it could be completely unpredictable. Have these threats been identified? Are they being monitored?
  • Are you prepared to respond to these threats? Crises can take many forms, prompting different responses. A natural disaster such as a flood or a pandemic may require different strategies than those needed to respond to a technological failure. Other threats may come from malevolent third parties, the misdeeds of internal teams or even confrontation with discontented individuals and organizations. Are there teams in place to respond should a crisis occur? Are there up-to-date plans that have been tested and simulated?
  • Can you keep up with the evolving threat landscape? Executive teams may be aware of the principal threats to their organizations but digital and regulatory evolution, changes in geopolitics, environmental, social, and governance (ESG), cultural, consumer and employee demands make it difficult to track potential threats.
  • Do you have access to the right, critical support? When a crisis occurs, can you access the data and intelligence you need to make insightful and appropriate responses? Are you prepared to deal with all necessary stakeholders? Can you be sure to act with integrity and in line with your brand values even in the most trying circumstances?

Types of crises

The six core types of crisis
  • Image description

    The six core types of crises and how they manifest within a business, both from internal and external sources, with examples of each type.


    When discontented individuals or groups stand-up against the actions of an organisation.


    Strikes, boycotts, protests and ultimatums.


    When individuals or groups express anger towards or seek to gain from an organisation.


    Cyber-attacks, product tampering, malicious rumours and espionage.


    When organisations are impacted by the considered actions of their own people, or customers.


    Fraud, corruption and money-laundering.


    When organisations are impacted by faults in their own systems or by human error.


    Software failures, industrial accidents and oil spills.


    When organisations are impacted by crises triggered by parties outside the organisation.


    War, terrorism, financial crises and regulatory/legal change.


    When organisations are impacted by environmental phenomena.


    Pandemics, hurricanes, floods and volcanic eruptions. 

The types of crises an organization may experience can be present in different forms ranging from hidden, as they have not yet been identified, to creeping, where they are suspected, to sudden and bizarre which can be completely unexpected or out of the ordinary.

The four main crisis categories within a business

The four main crisis categories
  • Image description

    Chart showcasing the four main crisis categories within a business, which include hidden crises, creeping crises, sudden crises, and bizarre crises, with examples of each category.

    Hidden crises

    Crises that are present in the organization but have not been detected.

    E.g., fraud and financial manipulation.

    Creeping crises

    Crises that are present, suspected or that develop slowly and are not taken seriously.

    E.g., regulatory change and cyberattacks.

    Sudden crises

    Crises that happen without warning and (often) beyond an organization's control.

    E.g., disease, terrorism and product tampering.

    Bizarre crises

    Crises that are impossible to predict.

    E.g., air plane crashing into office, and food poisoning at C-Suite retreat. 

EY Crisis Management & Incident Response gives business leaders the trusted support they need to steer their organizations through crises with confidence by helping with:

Building preparedness:

An effective response to crisis begins with preparation. EY Crisis Management & Incident Response helps organizations identify threats and use comprehensive, regularly updated playbooks and simulations to understand their potential impact. Building this level of preparedness allows leaders to focus on business as usual, confident that they are ready to manage any crisis effectively with speed and brand integrity.

Responding with speed and integrity:

The EY Forensic & Integrity Services team gives organizations the support to respond at speed amid significant, competing pressures. Our team works closely with yours to quickly source and compile relevant information from across organizations, from third parties and from news sources, and deliver relevant insights in an easily accessible format that guides rapid, business-critical decisions.

Guiding smarter decisions:

EY Crisis Management & Incident Response helps executives and other functions throughout the business to respond to crises effectively, underpinned by intelligence that drives smarter decisions by leaders, and supports the work of crisis communications and legal teams.

EY Crisis Management & Incident Response is led by our forensic professionals and draws upon EY multi-disciplinary teams located around the world. It offers comprehensive, whole-of-organization crisis support built around four pillars:


Helping identify and monitor threats as a managed service.


Developing response playbooks and plans, tested by regular simulations, and continually reviewed and improved to reflect changing dynamics.


Deploying the EY Crisis Response Center, gathering critical intelligence and drawing on EY subject matter professionals from around the world to help organizations respond rapidly, with integrity and in alignment with corporate values.


Supporting the recovery from crises by improving plans for future threats, and building a stronger, more resilient organization.

Aligning the enterprise to crisis management

The four key stages in the Crisis Management life cycle
  • Image description


    Threat assessment

    Integrating crisis planning objectives into company policies

    Evaluating third parties and partners on their crisis readiness

    Threat monitoring

    Using threat monitoring e.g., mining hotline data, incident reports and investigative findings to identify threats

    Taking legal or administrative action against confirmed threats and policy violations


    Crisis planning

    Creating crisis playbooks, defining a chief crisis officer and crisis managers

    Integrating crisis planning objectives into company policies

    Including audit committee feedback into crisis related issues to support adequate oversight

    Crisis simulations

    Running regular “tabletop” exercises to ensure all teams are prepared.


    Crisis response center

    Deploy EY center of excellence to advise on crisis response.

    Assist in effective collection and dissemination of relevant information

    Ensure effective use of playbooks with internal and external resources

    Implementing legal holds and lockdown measures; coordinate with law enforcement

    Implementing a media and external communications protocol


    Response assessment

    Assessing the response to the crisis

    Updating threat monitoring, plans and simulations into a continuous improvement process

    Recovery & restructuring

    Updating policies & procedures and creating a culture of informed crisis management.

    Assisting with financial, commercial and cultural recovery of the business

Drawing on EY teams extensive domain knowledge and deep technical capabilities, including the rapid response skills of the Forensic & Integrity Services team, we help organizations:

  • Pinpoint threats and monitor the likelihood of their occurrence. 
  • Develop threat response plans using clearly defined solutions and technology, tested by regular, simulation-based scenarios to ensure readiness. 
  • Respond quickly, with efficiency, integrity and in alignment with corporate values. EY Crisis Response Centre draws on intelligence from both internal and external sources to support the C-suite to respond to a crisis and keep an open channel of communication with key stakeholders.
  • Review and recover, by examining the response to crises to identify opportunities to improve readiness, build resilience and adapt to new market and regulatory demands.
  • Manage insurance claims, by helping you to quickly understand the scale of losses or damages suffered, and to prepare and submit forensic reports documenting losses to recover as much as possible. EY teams can respond to a claim of any size, anywhere in the world. By applying cutting-edge forensic technology, EY teams can successfully manage and monitor initiatives to help organizations document and restore financial losses.

Contact us

Want to learn more? Get in touch.