plan, and the organization, especially senior management, must
            have confidence in the plan so that it can be carried out in a
            crisis. An incident is not an excuse to break the law, and every
            organization must know the laws and regulations that apply.
            There are labor laws, environmental laws (dumping of
            hazardous waste), health and safety laws, privacy laws, criminal
            laws, or civil liabilities must all be known.

            The plan should not be excessively wordy, but rather contain
            short action-orientated statements and clear directions. The use
            of checklists in the plan can help track what has been done, what
            still needs to be done, and ensure that no critical step is missed
            in the heat and pressure of the incident.



            Responsibility

            During a crisis, one of the most damaging problems can be a
            lack of authority or leadership. Not everyone is a good leader in
            a crisis, some people do not do well under the pressures and
            uncertainties that accompany a crisis, and they are unsuitable to
            be the leader. Other people do well under pressure; they can
            make right decisions, exude confidence and positive morale, and
            bring calm professionalism to the crisis. Such people need to be
            identified and placed in positions of crisis leadership. Everyone
            should know who the leader is (and in the absence of the normal
            leader, who the deputy is as well), and all communications
            should be conducted to the proper channels and leaders. Even
            during a crisis, the organization should be thinking strategically
            - where is the organization headed? What changes will this
            incident make in the culture, operations, and processes of the
            organization? If we have to rebuild, how can we rebuild with a