Why this is hard to get right
The 2 a.m. Call No One Prepares For
Marcus is a VP of Operations at a mid-size fintech company. It's 6:47 a.m. on a Tuesday when his phone lights up — the payment processing system has been throwing errors since just after 7 a.m. ET. By 7:30, support tickets are flooding in. His CTO is already on a war-room call. The board chair has texted him directly.
Marcus knows he needs a crisis communication plan memo out within the hour. It has to cover what happened, who owns what, what customers will be told, and when the next update drops. He also needs a version for the board that doesn't read like a technical incident report.
He opens an AI assistant and types: "Write a memo about a crisis we're dealing with and what to do."
What comes back is a five-paragraph generic template with placeholders like "[DESCRIBE INCIDENT HERE]" and "[LIST ACTION ITEMS]." It reads like a corporate manual, not a real plan. There's no mention of DRIs. No timestamps. No escalation path. No internal vs. external messaging split. He'd spend 45 minutes cleaning it up — time he doesn't have.
The problem isn't the AI. The problem is the prompt. Without knowing the incident type, scope, affected regions, audience layers, tone requirements, and structural expectations, the model defaults to the most generic possible output.
Marcus tries again, this time specifying: his role, the payment outage, the percentage of transactions affected, the audience tiers (exec team, board, managers), required sections (impact, root-cause hypothesis, actions by function, decision log), and constraints (600 words, one DRI per action, timestamps). He also asks for draft snippets for internal Slack and external customer email for the first hour.
The output is completely different. It's structured, scannable, and immediately usable. Engineering, Support, Comms, and Legal each have a named owner and a next action. The board-ready summary is two tight paragraphs. The customer-facing draft is empathetic but specific. Marcus edits three lines and sends it.
The difference between those two outputs wasn't the AI's capability. It was how much context and structure the prompt carried. A well-built crisis prompt does what a good incident commander does: it defines the problem, assigns the room, and sets the clock. Without that structure, even the best AI produces polished noise — exactly what you don't need at 7:30 a.m.
Common mistakes to avoid
Omitting Incident Scope and Metrics
Saying 'we have an outage' gives the AI nothing to work with. Without scope data — percentage affected, regions, start time, severity tier — the model can't calibrate urgency, prioritize functions, or write accurate customer messaging. Always include specific numbers. '18% of North America transactions down since 07:20 ET' produces a fundamentally different, far more usable memo than vague language.
Skipping Audience Segmentation
Crisis memos often need to serve multiple audiences simultaneously: exec team, board, managers, and external customers each need different levels of technical detail and different tones. Prompts that say 'write a memo' without naming the audience produce one-size-fits-none output. Specify every audience tier and what each one needs to know.
Forgetting to Assign DRIs
AI will happily list action items with no owner. In a real crisis, an action without a named DRI is noise. Explicitly ask for one responsible owner per action, or the memo becomes a list of good intentions that no one executes. Add 'assign one DRI per action' as a hard constraint in your prompt.
Not Specifying Internal vs. External Messaging
Internal communication and customer-facing communication require completely different language, legal exposure, and tone. Prompts that don't distinguish between the two produce output that's either too candid for customers or too vague for your internal team. Ask explicitly for separate snippets for each channel.
Leaving Out Update Cadence
A crisis memo without a defined update schedule creates a vacuum that fills with rumor and ad-hoc messages. Specify the cadence — 'next update at 09:00 ET, then every 90 minutes' — so your AI output includes it automatically. This prevents stakeholders from chasing you for status and keeps communication disciplined.
Ignoring Legal and Compliance Constraints
In regulated industries, certain language around incidents cannot appear in external communications without legal review. If your prompt doesn't acknowledge legal as a function — or specify what can and cannot be disclosed — the AI will draft language your legal team will immediately reject, costing you another 30 minutes you don't have.
The transformation
Write a memo about a crisis we’re dealing with and what to do.
You are the Chief of Staff. Draft a crisis communication plan memo. 1) Context: Payment outage affecting 18% of transactions in North America since 07:20 ET. 2) Audience: Exec team, managers, board. 3) Goals: Align on status, owners, timeline, risks, messaging. 4) Tone: Calm, accountable, transparent. 5) Structure: Summary, impact, root-cause hypothesis, actions by function (Eng, Support, Comms, Legal), decision log, next update time. 6) Constraints: 600 words max, time stamps, responsible DRI per action, 3 key risks with mitigations. 7) Include: Internal and external comms snippets for first hour.
Why this works
Role Anchoring Shapes Tone
The After Prompt opens with 'You are the Chief of Staff,' which immediately anchors the AI's perspective, authority level, and communication style. Without a named role, the model adopts a neutral, generic voice. Naming the role produces output that reads like a senior operator wrote it — confident, accountable, and appropriate for board-level distribution.
Incident Specificity Drives Accuracy
The After Prompt specifies 'payment outage affecting 18% of transactions in North America since 07:20 ET.' This single line eliminates ambiguity about severity, scope, and timeline. Specific metrics force the AI to calibrate language, urgency, and action priority to match the actual situation — not a generic crisis template.
Mandated Structure Enables Scanning
The After Prompt explicitly requires: Summary, impact, root-cause hypothesis, actions by function, decision log, and next update time. This section list acts as a contract — the AI must populate each section, preventing it from glossing over critical elements like the decision log or root-cause hypothesis that executives and board members will ask about immediately.
Hard Constraints Create Accountability
The After Prompt enforces '600 words max, timestamps, one responsible DRI per action, and 3 key risks with mitigations.' Explicit constraints eliminate the AI's tendency to pad. Word limits force prioritization. DRI requirements force ownership. Risk mitigations force forward-looking thinking — all critical ingredients a generic prompt omits.
Multi-Channel Output Request Saves Time
The After Prompt asks for 'internal and external comms snippets for the first hour.' This single instruction doubles the usable output from one prompt — you get the full memo plus ready-to-send communications for Slack and customer email. Without this instruction, you'd need a second prompt and another editing cycle under time pressure.
The framework behind the prompt
The Strategy Behind Crisis Communication
Crisis communication sits at the intersection of organizational behavior, information theory, and stakeholder management. When an incident occurs, leaders face three simultaneous pressures: resolving the problem, maintaining stakeholder trust, and preventing the situation from escalating due to poor communication.
The Situational Crisis Communication Theory (SCCT), developed by W. Timothy Coombs, provides the foundational framework most crisis professionals use. SCCT argues that the appropriate communication strategy depends on the organization's perceived responsibility for the crisis. A victim cluster crisis (natural disaster, external attack) calls for sympathy-based messaging. A preventable cluster crisis (operator error, negligence) demands full accountability and corrective action language. Knowing where your incident falls on this spectrum shapes every word in your memo.
The incident command system (ICS), originally developed for wildfire management and adopted across emergency management, introduces the concept of a unified command structure with clear DRIs — directly responsible individuals. This is why effective crisis memos always name one owner per action. ICS research consistently shows that ambiguous ownership during an incident extends resolution time and increases stakeholder anxiety.
From a communication design perspective, crisis memos benefit from progressive disclosure — the most critical information appears first, with supporting detail following. This mirrors the inverted pyramid structure used in journalism, which prioritizes who, what, and what's being done before explaining why or how.
Finally, psychological safety research (Amy Edmondson, Harvard) shows that how leaders communicate during a crisis directly affects whether frontline teams surface problems or hide them. Memos that model calm accountability — rather than blame or defensiveness — create the psychological conditions for faster resolution.
All of these principles map directly to how you structure a crisis communication prompt: role, incident specifics, audience tiers, tone, sections, and constraints each reflect a different layer of these frameworks.
Prompt variations
You are the Head of Customer Success. Draft a crisis communication plan for an API outage affecting enterprise customers.
Incident: Core API returning 503 errors for approximately 30% of enterprise accounts since 14:15 PT. Root cause under investigation by engineering.
Audience tiers:
- Frontline support agents (internal)
- Enterprise customers (external)
- Executive sponsors at top 10 accounts (direct outreach)
Required sections:
- Current status and scope
- Approved talking points for support agents
- External customer email draft (empathetic, no technical jargon, under 150 words)
- Direct outreach script for top-10 account managers
- Escalation path and DRI for each tier
- Update cadence: every 60 minutes until resolved
Constraints: No admission of root cause until confirmed. Legal-safe language only. Tone: calm, transparent, solution-focused.
You are the Chief Legal Officer. Draft a crisis communication plan memo for a confirmed data breach.
Incident: Unauthorized access to a customer database containing PII for approximately 4,200 accounts, detected at 09:45 ET. Breach window estimated 72 hours. Forensics team engaged.
Audience: Board of Directors, General Counsel, Chief Privacy Officer, external PR firm.
Required sections:
- Executive summary (2 paragraphs, board-ready)
- Regulatory notification obligations (GDPR, CCPA timelines)
- Legal hold instructions
- Immediate containment actions with named owners
- Draft holding statement for press inquiries
- Decision log with timestamp for each action taken
Tone: Precise, legally cautious, action-oriented. Avoid speculative language.
Constraints: 700 words max. One DRI per action. Flag any language requiring legal review before external use.
You are the Chief Communications Officer. Draft a crisis communication plan for a reputational incident triggered by a viral social media post.
Incident: A customer video alleging discriminatory treatment by a staff member has reached 2.1 million views across TikTok and X as of 11:00 ET. Internal review in progress. No findings confirmed yet.
Audience: Communications team, CEO, HR leadership, social media manager.
Required sections:
- Holding statement for social media (under 80 words, empathetic, non-defensive)
- Internal briefing for HR and store/regional managers
- Recommended response timeline (first 2 hours, 24 hours, 72 hours)
- Escalation triggers that require CEO direct response
- What NOT to say — list of phrases and positions to avoid
- Monitoring plan: platforms, keywords, sentiment signals
Tone: Humble, human, accountable. Avoid corporate language. No deflection.
Constraints: All external language reviewed by Legal before posting. CEO approval required for any named statement.
You are the VP of Operations. Draft a crisis communication plan memo for a critical supply chain disruption.
Incident: Primary fulfillment partner has suspended operations due to a labor dispute, effective immediately. Approximately 8,000 orders in queue with an estimated 5-7 day delay impact. No confirmed backup partner yet.
Audience: Operations leadership, sales team, key wholesale partners, customer service.
Required sections:
- Current inventory and order impact assessment
- Approved customer communication for delayed orders (email template, under 200 words)
- Partner outreach script for top 20 wholesale accounts
- Alternate fulfillment options under evaluation with DRI and decision deadline
- Internal FAQ for sales and customer service teams
- Go/no-go decision point for activating backup partner (date, time, owner)
Tone: Direct, solution-focused, honest about timeline uncertainty.
Constraints: Do not promise specific resolution dates. Flag any commitments requiring VP approval before sending.
When to use this prompt
Marketing Leaders
Prepare coordinated messaging for customers and press within the first hour, aligned with legal and product constraints.
Product Managers
Create a cross-functional action plan that clarifies technical hypotheses, rollbacks, and timelines to resolution.
Customer Success Directors
Align frontline teams with approved talking points, escalation paths, and update cadence for top accounts.
Founders/CEOs
Brief the board with a transparent, time-stamped plan that shows control, risks, and next decision points.
Operations Leaders
Document DRIs, incident command structure, and post-incident review steps to stabilize and prevent recurrence.
Pro tips
- 1
Specify the incident scope and metrics so actions match impact (e.g., % affected, regions, start time).
- 2
Define decision rights and DRIs to reduce confusion during handoffs and approvals.
- 3
Set update cadence and channels to prevent ad-hoc pings and inconsistent messages.
- 4
Include sample internal and external snippets to ensure immediate, consistent communication.
Most leaders only think about crisis communication after an incident starts. A more powerful application of this prompt type is the pre-mortem simulation — running the prompt before a crisis occurs to stress-test your response infrastructure.
Here's how it works:
- Choose a plausible scenario specific to your business — a payment outage, a data breach, a key supplier failure, a regulatory notice.
- Run the full crisis memo prompt as if the incident just happened, using realistic hypothetical metrics.
- Review the output with your leadership team. Ask: Do we actually have named DRIs for these functions? Do we have an approved customer communication template? Do we know our regulatory notification windows?
- Identify the gaps. The memo will surface ownership ambiguity and process holes you didn't know existed.
- Document the decisions so when a real incident happens, the framework is already built.
This approach draws on the pre-mortem methodology popularized by Gary Klein — imagining a future failure to surface risks you'd otherwise miss. Applied to crisis communication planning, it converts a reactive tool into a proactive resilience exercise. Teams that run pre-mortem simulations quarterly respond to real incidents 30-40% faster because the decision architecture already exists.
Crisis communication requirements vary significantly by industry, and your prompt should reflect those constraints.
Financial Services: Regulatory bodies like the SEC, OCC, or FINRA may require incident notification within specific timeframes. Your prompt should include: 'Reference applicable regulatory notification obligations and flag any disclosure that requires compliance review.' Add a constraint: 'No language about root cause or financial impact until confirmed by Legal and Compliance.'
Healthcare: HIPAA breach notification rules impose strict 60-day windows for notifying affected individuals and the HHS. Include: 'Flag any patient data exposure for HIPAA breach risk assessment. Draft notification language consistent with 45 CFR Part 164.' Specify that no PHI details appear in any external communication draft.
SaaS / Technology: Enterprise customer SLAs often include uptime guarantees with financial penalties. Your prompt should note: 'Reference any SLA uptime commitments that may be breached and flag for Customer Success and Legal review.' This prevents your AI output from inadvertently promising remedies that trigger contractual obligations.
Retail / Consumer: Consumer-facing crises often escalate on social media within minutes. Ask specifically for: 'A social media holding statement under 280 characters, a long-form FAQ for the website, and approved responses for the five most common angry customer messages.' Speed and tone consistency matter more than technical depth.
Once the crisis is resolved, the same structured prompt approach applies to your post-incident review (PIR) or after-action report (AAR). This is where most teams lose momentum — the incident ends, attention moves on, and the lessons never get documented.
A strong post-incident prompt includes:
- Timeline reconstruction: 'Build a minute-by-minute timeline from incident detection to resolution, based on the following log entries: [paste log data].'
- Root cause analysis: 'Using the 5 Whys framework, identify the root cause chain for [describe incident].'
- What worked / what didn't: 'Evaluate each function's response against the original crisis plan. Flag deviations and assess whether they helped or hurt resolution speed.'
- Permanent fixes: 'Recommend three systemic changes — one for process, one for tooling, one for communication — that would prevent recurrence.'
- Board summary: 'Summarize the incident, response, resolution, and remediation in 250 words for a board update.'
Structuring your PIR prompt this way produces a document that satisfies regulatory requirements, feeds your engineering runbook, and gives the board a confident narrative — all from a single AI session with the right inputs.
When not to use this prompt
When This Prompt Pattern Is Not Appropriate
This prompt structure works best when you need a structured, multi-stakeholder memo for a real or simulated incident. It's not the right tool in every situation.
Avoid this prompt pattern when:
- The incident is still unfolding with no confirmed facts. Drafting a memo before you have any verified information risks producing language that contradicts reality within minutes. Wait until you have a confirmed scope, even if approximate.
- You need a one-sentence status update. For rapid Slack updates or a quick all-hands verbal brief, this structured format creates overhead. Use a simple status-update prompt instead: current state, impact, next action, timeline.
- Legal has primary ownership of all communication. In highly regulated situations — SEC material event disclosures, HIPAA breach notifications — your legal team must draft or approve every word. Use AI here only to organize facts and draft outlines for legal review, never for final language.
- The team is too small to have named DRIs. At a very early-stage startup with 3-5 people, a formal structured memo can feel bureaucratic and slow communication rather than accelerate it. In these cases, a direct message thread with decisions documented may be more effective.
When none of the above apply, this prompt structure consistently produces faster, more usable output than any generic approach.
Troubleshooting
The AI output reads like a generic corporate template, not a real crisis plan
Your prompt is missing incident specifics. Add the exact metrics: percentage affected, start time, regions, and customer impact. Replace vague phrases like 'we have an issue' with 'API error rate at 34% for enterprise accounts since 14:15 PT.' Specific inputs produce specific outputs — generic inputs will always produce generic templates regardless of model capability.
Action items have no owners and no deadlines
Add an explicit constraint to your prompt: 'For every action item, provide: (1) one named function or role as DRI, (2) a specific deadline or time window, and (3) the definition of done.' If the AI still omits owners, add a system instruction: 'Do not list any action without a DRI. If a DRI cannot be determined from context, flag it as [OWNER TBD] with a note to assign within 30 minutes.'
The customer-facing language sounds too technical or exposes internal details
Separate internal and external drafts explicitly in your prompt. Add: 'External customer messaging must avoid: technical root-cause language, internal system names, and any language implying negligence.' Also specify the audience's technical level — 'assume the customer has no technical background' forces the AI to translate jargon into plain language automatically.
The memo is too long for executives to act on quickly
Set a hard word limit and ask for a TL;DR header. Add to your prompt: '600 words maximum. Open with a 3-sentence executive summary that answers: what happened, what we're doing, and when the next update is.' If the output still runs long, add: 'If any section exceeds 100 words, cut to the most critical point only. Prioritize action over explanation.'
The risk section is superficial — it lists obvious risks without real mitigations
Force the AI to go deeper by adding specificity to your constraint. Instead of 'list 3 risks,' write: 'Identify 3 risks that are non-obvious or could escalate the incident if ignored. For each, provide a specific mitigation action, a DRI, and a trigger condition that would activate the mitigation.' This forces consequential thinking rather than a boilerplate risk list.
How to measure success
How to Evaluate Your Crisis Memo AI Output
A strong AI-generated crisis memo should pass these checks before you distribute it:
Content completeness:
- Every required section is present and substantively filled — no placeholder language
- At least one named DRI per action item
- Timestamps on all actions and update windows
- Specific incident metrics (scope, region, start time) appear in the summary
Audience appropriateness:
- Executive summary reads in under 60 seconds with no jargon
- Board-level language is strategic, not operational
- Customer-facing copy contains no internal system names or speculative root-cause language
Structural quality:
- The memo answers five questions immediately: What happened? Who's affected? What are we doing? Who owns it? When is the next update?
- Risks section names non-obvious escalation risks, not generic ones
- Decision log is present and timestamped
Tone calibration:
- Output reads as calm and accountable — not defensive, not alarmist
- No hedging phrases that imply uncertainty about your response capability
- Internal and external messaging are clearly separated and tonally distinct
Now try it on something of your own
Reading about the framework is one thing. Watching it sharpen your own prompt is another — takes 90 seconds, no signup.
Turn your incident details into a board-ready crisis memo with named owners, timestamps, and customer messaging in minutes.
Try one of these
Frequently asked questions
Use the phrase 'root-cause hypothesis under investigation' rather than stating a confirmed cause. Instruct the AI to frame the root-cause section as preliminary and flag it for update once engineering confirms findings. You can also ask the model to write two versions of the root-cause paragraph — one for internal teams with more technical detail, and one for external use that avoids speculation.
Yes. The structure — context, audience, goals, tone, sections, constraints — applies to any crisis type. Replace technical incident details with the relevant facts: a viral social media post, an employee misconduct allegation, or a regulatory notice. The key is still specifying scope, audience tiers, approved messaging, and escalation paths. See the Reputational Crisis variation above for a ready-to-use example.
Add two specific instructions to your prompt: 'Flag any language requiring legal review before external use' and 'avoid speculative or causative language.' You can also add a constraint like 'do not admit fault or root cause until confirmed by Legal.' These guardrails won't replace a lawyer, but they prevent the AI from drafting language that immediately gets rejected by your legal team.
For an internal exec-level memo, 500-700 words is the right target. It's long enough to cover all sections with substance, short enough for a stressed executive to read in under four minutes. For board-only summaries, aim for 200-300 words. Always specify word limits explicitly in your prompt — without them, AI output tends to run long and pad sections where brevity is critical.
Run this prompt as a crisis simulation exercise. Substitute a hypothetical incident — a plausible outage scenario, a regulatory audit, a supply chain disruption — and generate a draft plan. Then review it with your leadership team to identify gaps in DRI clarity, escalation paths, and communication channels. Doing this before a real crisis surfaces weaknesses you can fix calmly, not under pressure.
This almost always means your prompt lacks functional specificity. Name each function explicitly: Engineering, Customer Support, Legal, Communications, Sales. Then ask for one action and one DRI per function. Generic output is a symptom of a prompt that says 'list action items' rather than 'for each of the following functions, provide one immediate action, one DRI, and one timeline.'
You can get both from one prompt by asking the AI to produce two separate sections: a board-ready executive summary (2-3 paragraphs, strategic level, no technical jargon) and an internal leadership brief (full detail, DRIs, technical context). This saves time and keeps messaging consistent. Just specify both audiences and their distinct requirements in the same prompt.