Crisis Management

Telecom & Technology

A Crisis is defined as a significant threat to business operations that can have severe negative consequences if not handled properly – in terms of reputation/brand/revenue loss. Crisis Management relates to management of the incident in an effective manner. While a Crisis does not make the system or facility inoperable, inappropriate Management of the Crisis could lead to inability to deliver the key products and services – i.e. a Business Continuity issue.

Why Crisis Management

It is said that it takes years and years of nurturing to build a reputation, but only moments to tarnish it. Crisis Management and Crisis Communications often comprise the initial response from any organization. Only after effective response does effective recovery and restoration commence. Effective Crisis Management is critical for an organization to protect the reputation and image of the company – while ineffective or inappropriate crisis management could effectively destroy the future of the company. Conversely, Effective Crisis Management in the face of a disaster situation could even help enhance the image of the company, and in the long run contribute in a major way to the growth and proliferation of the company. Proactive and effective Crisis Management could prevent an incident from escalating, and save valuable assets such as human life, physical assets, reputation and financials – and thus perhaps even change the course of history.


Through our expertise in Crisis Management and Communications, we can help you with

We provide complete consultancy and competency building services for BCM implementation in line with NCEMA 7000, ISO 22301 and other established frameworks.

Business Continuity Management

Business Continuity Management (BCM) is a holistic management and governance process that helps protect the organization from financial and non-financial damages caused by minor or major business disruptions. It is said that an effective Business Continuity Plan can reduce the total loss by 90%+.

Implementation of BCM involves

  • Identification of potential risks that may cause disruptions
  • Identification of financial and non-financial impact of potential disruptions
  • Identification of key products and services, and critical business functions
  • Formulation and implementation of viable recovery strategies and plans
  • Formulation and implementation of viable recovery strategies and plans
  • Awareness, Training, Exercising and testing of these plans

We have to date participated in over 40 ISO 22301, NCEMA 7000, BS 25999 engagements, either as the Consultants, Assessors, Technical Experts or Trainers, and have an excellent track record of high quality delivery of BCM engagements within time and cost budget.


Other than major catastrophes, even minor day to day incidents not managed appropriately can also snowball into major disasters, leading to revenue losses, inability to meet commitments, penalties, embarrassment and loss of reputation, and opening of inroads for competitors, negative publicity, customer and employee attrition and the loss of current and future business. Worst case, the business can be permanently crippled, or may even shut down, never to reopen. BCM works towards ensuring that core, high-priority operations continue after a disaster or resume within an acceptable time.

Risk Management

Risk management is the identification, evaluation, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.

Risk management’s objective is to assure uncertainty does not deflect the endeavor from the business goals  Within this key management focus area, Core focusses on the following:


    • Risk culture assessment
    • Proactive risk management projects

Strategic risks- identification, interpretation and preparation

    • Strategy and program development solutions
    • Assessment and monitoring of third parties’ risk profile
    • Technology enabling solutions

Robust risk appetite framework development & implementation

    • Risk & control assessments
    • Key controls testing
    • Remediation advisory

Regulatory compliance identification & monitoring

    • Testing of material compliances
    • Compliance risks management tools


    • Evaluating Internal audit functions and providing co-sourcing & outsourcing services
    • Audit Analytics
    • Continuous monitoring and auditing
    • Internal Controls testing


    • ISO 31000, Information security, Regulatory compliance, data loss prevention, Health & Safety, sustainability, Ethics.


    • Business process re-engineering
    • Cost optimization projects

IT Disaster Recovery

IT Disaster Recovery (IT DR) refers to the processes, policies and procedures related to preparing for recovery or continuation of technology infrastructure after a disruption or disaster. Most IT DR plans look to ensure that core, high-priority operations continue or at least resume within an acceptable time after a disaster.

Implementation of IT Disaster Recovery involves resilience of the entire Technology chain that supports critical applications, including:

Servers and routers

Networks and Telecom infrastructure

Data and other information

Data Centers, Workstations, Desktops, Laptops and other computing equipment

Why IT Disaster Recovery

IT is the backbone of every business. An IT disaster can cause a companywide disruption. Per Gartner, 2 out of 5 organizations that experience a severe disaster go out of business within five years.

Most organizations are now critically dependent on IT. The fact is that no business is immune to disasters, which can strike at any time, often without prior notice, and at the worst possible time. And when the IT fails down, most organizations are unable to function. At best, a severe disaster could merely incapacitate a business, allowing it to crawl back to normalcy over a period of time. At worst, the business can be permanently crippled, or may even shut down.

Even loss of the data can bring the organization to a standstill – not to mention other implications such as fines, regulatory sanction etc. IT Disaster Recovery is all the more critical for any organization, due to regulations and corporate governance implications that exist now in most professionally managed organizations. In most organizations, the processes that deliver products and services depend on information and communication technology (ICT).

ICT continuity management supports the overall business continuity management (BCM) process of an organization. BCM ensures that your organization’s processes are protected from disruption and is able to respond positively and effectively when disruption occurs.

ICT continuity management supports the overall business continuity management (BCM) process of an organization. BCM ensures that your organization’s processes are protected from disruption and is able to respond positively and effectively when disruption occurs. Our Expertise enables us to empower you with:

Information Security

Why Information Security

Currently information security is crucial to all organization to protect their information and conducts their business. Information security is defined as the protection of information and the system, and hardware that use, store and transmit that information. Information security performs four important for an organization which is protect the organization’s ability to function, enable the safe operation of applications implemented on the organization’s IT systems, protect the data the organization collect and uses, and lastly is safeguards the technology assets in use at the organization. 

Information is one of the most important organization assets. For an organization, information is valuable and should be appropriately protected. Security is to combine systems, operations and internal controls to ensure integrity and confidentiality of data and operation procedures in an organization. Information security history begins with the history of computer security. It started around year 1980. In 1980, the use of computers has concentrated on computer centres, where the implementation of a computer security focuses on securing physical computing infrastructure that is highly effective organization. Although the openness of the Internet enabled businesses to quickly adopt its technology ecosystem, it also proved to be a great weakness from an information security perspective. The system’s original purpose as a means of collaboration between groups of trusted colleagues is no longer practical because the usage has expanded into millions of frequently anonymous users


The standard aims to achieve the following.

Provides a basis for understanding business continuity management

Provides a means of measurement that is consistent and recognized

Provides a system based on established good practice

Your company’s value is its data

Protecting your data means protecting its confidentiality, integrity, and availability. The consequences of a failure to protect all three of these aspects include business losses, legal liability, and loss of company goodwill. Information security, as a recognized business activity, has come a long way in the past decade. Various factors have caused the discipline to mature and it has now attained its “license to operate” within the corporate and public sector environments, becoming one of the core business and organizational enablers.

Green IT & Energy Management

Sustainability ensures living today comfortably and leaving enough for tomorrow as well. CORE believes Information Security, Energy Security, Physical Security, Environmental Security, Business Security (continuity) – all go together to ensure Sustainability.