Crisis management services

We engage specialized subject-matter specialists from PwC's extensive global network across jurisdictions and functional areas to ensure our crisis management strategies achieve comprehensive compliance with local legislation, the CER Directive, international standards, and contractual obligations while adhering to industry best practices.

Our alignment with international standards follows a multi-layered approach:

• Regulatory compliance framework: We maintain knowledge of evolving regulations like the CER Directive, ISO 22301 (business continuity), and sector-specific requirements, ensuring our strategies meet both current and emerging compliance obligations.
• Global expertise coordination: We leverage PwC's international network to access local regulatory expertise and cultural insights, enabling us to design strategies that work across jurisdictions while respecting regional nuances.
• Standards integration: Our methodologies incorporate established frameworks and industry-specific standards, creating comprehensive strategies that meet multiple compliance requirements simultaneously.
• Continuous monitoring: We establish ongoing compliance verification processes, including regular regulatory updates, standard alignment reviews, and cross-jurisdictional validation to ensure strategies remain current and effective.

Effective assessment and prioritization of risks are essential components in establishing a comprehensive crisis management strategy. Our risk assessment and prioritization employs proven methodologies that deliver quantifiable, actionable insights:

• Multi-methodology risk identification: we utilize comprehensive threat pathway mapping techniques to understand how risks develop and cascade through organizations, operational risk assessment frameworks specifically designed for complex business environments, probabilistic modeling approaches that account for uncertainty and variability in risk scenarios, and structured adversarial testing exercises that reveal organizational blind spots and emerging threat vectors.
• Quantitative impact assessment: our approach incorporates sophisticated financial exposure quantification methods, comprehensive business impact analysis using established recovery metrics and operational continuity benchmarks, systematic failure analysis techniques with detailed criticality assessments, and predictive loss modeling frameworks that support strategic insurance and budgeting decisions.
• Prioritization frameworks: we employ visual risk mapping tools with customized probability and impact assessment matrices, multi-criteria decision-making frameworks that balance competing organizational priorities, analytical techniques that identify the critical few risks driving the majority of potential organizational impact, and adaptive scoring systems that continuously adjust based on evolving threat intelligence and environmental factors.
• Validation and calibration: our methodology includes rigorous scenario testing against historical performance data and industry benchmarks, comprehensive validation processes involving internal subject matter experts and external threat intelligence sources, robust sensitivity analysis to test the resilience of underlying assumptions, and continuous improvement processes based on organizational learning from near-miss events and actual incident experience.

This systematic approach ensures our risk prioritization is both scientifically rigorous and practically actionable for executive decision-making, providing organizations with clear, prioritized roadmaps for crisis preparedness investments.

The development timeline and cost for a crisis response plan depend on several critical factors that we assess during our initial scoping phase and vary significantly based on organizational complexity and scope requirements:

• Organizational complexity factors:
  • Number of business units, locations, and operational sites;
  • Geographic spread and jurisdictional requirements;
  • Integration needs with existing business continuity frameworks;
  • Stakeholder ecosystem complexity and decision-making structures.
• Scope and depth requirements:
  • Comprehensiveness of risk scenarios to be covered;
  • Level of detail required for response procedures;
  • Integration with regulatory compliance frameworks (CER Directive, sector-specific standards);
  • Training and testing program requirements.
• Resource and availability constraints:
  • Senior management and key stakeholder availability for workshops and interviews;
  • Internal team capacity for collaboration and input provision;
  • Existing documentation and baseline materials availability;
  • Approval and review cycle requirements.
• External dependencies:
  • Regulatory consultation and approval processes;
  • Third-party vendor and supplier integration needs;
  • Legal and compliance review requirements;
  • Board and audit committee review cycles.
• Quality and validation sandards:
  • Testing and simulation exercise complexity;
  • Cross-functional validation requirements;
  • Documentation standards and format specifications;
  • Continuous improvement and iteration cycles.

During our initial assessment, we map these factors to develop a realistic project timeline with clear milestones, built-in flexibility for unforeseen complexities, and phased delivery options that can provide immediate value while building toward comprehensive coverage. Contact us using the form at the bottom of this page to schedule a consultation, discuss your specific needs, and receive a preliminary assessment tailored to your organization.

Crisis management plays a key role in maintaining business continuity and resilience, particularly for organizations with complex operations in highly regulated industries. The following is an example of PwC's crisis and resilience team providing support to a client.

• Client and context: international pharma company with a production site in Ukraine, part of a group headquartered in Switzerland.

• Objective: strengthen business resilience to prepare for emergency situations and ensure sustainable business continuity across operations in Ukraine, including commercial, production, and lines of business.

Engagement details: 

• Performed an in-depth risk identification and assessment;

• Conducted a quantified analysis of business impacts;

• Provided tailored recommendations for response measures;

• Developed a comprehensive resilience plan, featuring an integral roadmap with respective initiatives, project passports for each initiative, and a transitional context to guide successful implementation and delivery.

For more details about this engagement or to discuss your specific crisis management needs, we invite you to schedule a consultation with our team. Our crisis management consultants provide support for developing crisis management plans that address the unique challenges faced by organizations in the pharmaceutical sectors. Use our contact form to book your crisis management consultation.

Our global reach is one of our key strengths — we deliver services across multiple countries by bringing together specialists from different regions, ensuring full compliance with both local and international regulatory frameworks.

We use quantitative risk assessment approaches to evaluate the financial impact of potential crises and assist clients in developing comprehensive business continuity plans. Our methodology conducts risk assessment by considering key factors such as revenue loss, EBITDA loss, and opportunity costs using a range of sophisticated financial modeling techniques (Expected annual loss calculations, Monte Carlo simulations, value-at-risk assessments, total cost of risk analysis, etc.).

We tailor risk assessment to the organization's risk appetite and specific context through various advanced impact quantification methods (scenario-based stress testing, break-even analysis, maximum tolerable period of disruption analysis, etc.). Our support includes preparing design plans that prioritize critical functions and allocate resources effectively, incorporating multiple dynamic financial resilience planning approaches (insurance gap analysis, capital allocation frameworks, recovery funding strategies, etc.).

We would be happy to discuss your specific case and how our methodologies can be tailored to your organization's needs. Please contact us through the feedback form to schedule a consultation.

Our crisis management services are tailored to meet the needs of organisations with global operations and complex structures. Global operations create unique crisis dynamics that require fundamentally different approaches than single-location strategies:

• Cross-border crisis cascading management: we understand how crisis events cascade across global operations - a supply chain disruption in Southeast Asia can trigger financial reporting issues in Europe, while a cyberattack on North American operations may impact regulatory compliance across three continents simultaneously.
• Cultural crisis intelligence: different cultures perceive and respond to crises differently. What constitutes "transparent communication" in Germany may be seen as inappropriate in Japan, while crisis response speeds expected in the US might be unrealistic in regions with more consensus-driven decision-making. We build these cultural nuances into crisis protocols.
• Jurisdictional crisis arbitrage enables smart organizations to leverage jurisdictional differences strategically when crisis strikes - shifting critical functions to unaffected regions, utilizing favorable legal frameworks for recovery operations, or accessing crisis resources where they're most readily available. We design these contingency pathways in advance.
• Time zone crisis continuity ensures maintaining decision-making authority, information quality, and stakeholder confidence as crisis management rotates across regions during 24-hour crisis cycles. We create "crisis handoff protocols" that maintain strategic coherence.
• Regulatory crisis navigation helps organizations navigate situations where global crises trigger multiple regulatory responses simultaneously - such as when EU data protection requirements conflict with US national security demands, or where environmental incident reporting in one country affects operational licenses in another.

We leverage PwC's global network to provide consistent, locally informed solutions across multiple locations, addressing cross-border interdependencies and regulatory requirements while ensuring cohesive and scalable crisis management strategies worldwide.

To help organizations navigate uncertainty with confidence, we’ve developed advanced tool that transforms complex data into clear, actionable insights.

Our proprietary crisis & resilience tool offers:

• Dynamic dashboard.

• Structured risk catalogue tailored to your context. 

• Real-time visibility to speed up decision-making.

Ultimately, it’s about turning complexity into clarity and enabling confident action through smart, data-driven insights.

Additionally, we guide organizations through the ethical considerations of crisis technology implementation, balancing transparency with security in automated crisis communications.

To help organisations protect their reputation in times of crisis events, we combine data and insight to assess how different scenarios may impact stakeholder trust and brand value:

• Integrate qualitative and quantitative indicators into our evaluation model to assess potential impacts on stakeholder trust, public perception, and brand value.

• Map potential media exposure, stakeholder reactions, and social sentiment dynamics to anticipate reputational outcomes.

• Deliver clear insights and actionable recommendations to support confident, proactive risk management. 

• Engage PwC's global subject-matter specialists to navigate jurisdiction-specific requirements, balancing best practices with local regulatory compliance and regional considerations.

We develop comprehensive crisis management frameworks that integrate with your existing risk and governance structures through strategic stakeholder engagement and phased implementation. Our approach includes creating tailored integration plans for sector-related organization with structured stakeholder discussions to ensure alignment across all organizational levels, considering the following aspects:

• Tailored crisis management framework for organisations in the energy, utilities, and infrastructure sectors.

• Ensure alignment with the Critical Entities Resilience Directive (CER) and sector-specific regulatory requirements.

• Enhance resilience preparedness and implement swift response actions to effectively handle potential crises. 

This strategy ensures that these critical sectors are comprehensively prepared to respond to crises, transforming crisis management into an embedded capability rather than a standalone function.