Reference
A plain-English glossary of crisis simulation and resilience.
The words buyers and boards use around crisis exercises, defined simply.
The words buyers and boards use around crisis exercises, defined simply.
Crisis exercises come with a vocabulary that is rarely written down in one place. Below are short, accurate definitions of the terms that come up most often when a risk, resilience, or board team scopes a program. Where a term connects to what Force Majeure does, there is one sentence and a link.
A crisis simulation is a structured exercise in which a team works through a realistic, evolving crisis and makes decisions under time pressure, in order to test judgment, plans, and coordination before a real event occurs. It can range from a discussion-based tabletop to a fully interactive software environment. In Force Majeure, a player runs a multinational firm through real-world crises across about 200 markets, and you can read more on what a crisis simulation is.
A crisis tabletop exercise is a discussion-based session in which participants talk through their roles and responses to a hypothetical scenario, guided by a facilitator, without deploying real systems or personnel. It is a low-cost way to surface gaps in plans, assumptions, and decision rights. In Force Majeure, the exercise extends beyond the single-threat cyber tabletop to geopolitical and socio-political crises, compared side by side on crisis simulation versus the cyber tabletop.
Business war gaming is a structured exercise in which teams take on the roles of competitors, regulators, or other actors and play out moves and counter-moves to test a strategy or decision. It is used to stress-test plans and reveal how rivals and stakeholders might react. In Force Majeure, the same logic of moves and reactions runs through every scenario, described further on business war gaming.
Scenario planning is a method for preparing for the future by developing several plausible, internally consistent stories about how conditions could unfold, then examining their implications for strategy. It is used to widen thinking and test decisions against a range of futures rather than a single forecast. In Force Majeure, scenarios are generated against your real footprint and refreshed as conditions change, set out on business war gaming.
Geopolitical risk is the risk that conflict, tensions, or actions between or within states disrupt a company's operations, markets, or supply chains. It covers events such as war, sanctions, trade restrictions, expropriation, and political instability across the countries where a firm operates. In Force Majeure, this exposure is exercised on your real country and sector footprint, covered on geopolitical risk training.
Political risk is the risk that political decisions, events, or conditions in a country affect the value of an investment or the viability of an operation. Examples include changes in government, regulation, taxation, currency controls, and civil unrest.
Socio-political risk is the risk arising from the interaction of social dynamics and politics, such as protests, strikes, community opposition, reputational backlash, and shifts in public sentiment. It often plays out locally and can affect a company even where formal politics is stable.
A polycrisis is a situation in which multiple, interconnected crises occur at the same time and interact so that their combined effect is greater than the sum of the individual shocks. The term is used to describe how economic, geopolitical, environmental, and social risks now compound one another.
Operational resilience is an organization's ability to prevent, adapt to, respond to, recover from, and learn from disruptions to its important business services. It is increasingly treated by regulators as a discipline in its own right, with explicit expectations for testing and recovery.
Business continuity is the planning and capability that allow an organization to keep delivering products and services at acceptable levels during and after a disruption. A business continuity plan documents the procedures, resources, and recovery priorities needed to achieve that.
An after-action report is a structured written record produced after an exercise or real incident that captures what happened, what worked, what did not, and the actions needed to improve. It turns a one-time event into documented findings that can be tracked and reported. In Force Majeure, every exercise is scored on a published rubric and written up as a board-ready after-action report, detailed on the enterprise briefing.
DORA, the EU Digital Operational Resilience Act, sets requirements for the financial sector on managing information and communication technology risk, including incident reporting, resilience testing, and oversight of critical third-party providers, and has applied since January 2025. NIS2 is the EU's revised Network and Information Security Directive, which raises cybersecurity and incident-handling duties across essential and important entities and assigns explicit responsibility to management bodies, with national measures due from October 2024. In Force Majeure, the documented output is mapped to the framework your committee reports against, set out on the enterprise briefing.
The judgment Force Majeure tests was calibrated to a 2021 Harvard Business Review study by the authors, which found that community-embedded firms were about three times more likely to stay profitable and nine times more likely to survive a crisis. That is why the exercise is built to be useful in the room and reportable to a board afterward.
Tell us your footprint and what your board is worried about. We reply with a scoped brief.
Tell us your sector, footprint, and objective.
Thanks, your request is on its way to the Force Majeure team and we will be in touch shortly. If you would rather email us directly, use this link.