TheCorporateCounsel.net Logo

CCRcorp's

TheCorporateCounsel.net

Providing practical guidance since 1975.

May 14, 2026

Survey: Corporate Crisis Management Practices

The latest issue of Deloitte’s Board Practices Quarterly reports the results of a recent Society for Corporate Governance survey of corporate secretaries, in-house counsel, and other governance professionals from 76 public companies and 17 private companies of varying sizes and industries.

The survey was conducted during Q4 of 2025 and looked into organizational crisis preparedness and governance. Covered topics included crisis plan formalization, types of crises addressed in the plan, management functions that participate in crisis teams, and the role of the board of directors. This excerpt addresses some of the highlights:

Cybersecurity incidents/data breaches are commonly reported crises: Public companies most often report facing reputational, cybersecurity incident/data breach, and supply chain/geopolitical crises, while private companies most often report facing regulatory investigations, cybersecurity incident/data breach, and major litigation.

Many have plans, but associated practices vary: Most respondents report having a formal, documented crisis management plan, but whether and how often the plan is reviewed or tested varies across organizations.

Coverage gaps exist between “experienced” and “planned for” crises: Survey results indicate gaps between crises organizations have experienced and those anticipated and included in crisis plans. Some crises (like major litigation and regulatory investigations) are experienced more often than they are included in plans.

Readiness practices differ: Most companies define when their board should be involved in a crisis, but whether companies delineate board vs. management responsibilities in a crisis yielded disparate results (25%–73%).

I found a few of the survey’s results a little surprising. For example, nearly one-third (31%) of public companies surveyed did not have a specifically and/or formally defined role for the board in crisis management preparation, and only 15% of public company boards participated in scenario planning or tabletop exercises.

John Jenkins

Take Me Back to the Main Blog Page

Blog Preferences: Subscribe, unsubscribe, or change the frequency of email notifications for this blog.

UPDATE EMAIL PREFERENCES

Try Out The Full Member Experience: Not a member of TheCorporateCounsel.net? Start a free trial to explore the benefits of membership.

START MY FREE TRIAL