“If anything kills over 10 million people in the next few decades, it’s most likely to be a highly infectious virus, rather than a war. Not missiles, but microbes.” That’s from Bill Gates’ 2015 TED Talk, in the midst of the Western African Ebola outbreak. Gates added “W]e’re not ready for the next epidemic…. With Ebola, the problem was not that we had a system that didn’t work well enough. The problem was that we didn’t have a system at all.”
Let’s fast-forward to a couple years ago, the 100th anniversary of the 1918 flu pandemic. What should have been understood in 2018 as the risk, in the near-term, of an epidemic or pandemic with major impact in the United States?
Understanding risk is how we address uncertainty. Whether you prefer the common definition of risk (the possibility of loss or injury) or the more technical concept under ISO 31000 or COSO’s ERM Integrated Framework (the effect of uncertainty on objectives), understanding risk requires us to evaluate the likelihood and severity of potential outcomes. Understanding risk also requires us to evaluate our current readiness to mitigate or control the risk, in light of our risk tolerance.
So, in 2018, what did we know about the likelihood and potential severity in the United States of epidemics and pandemics, and what did we know about our readiness to respond? Continue Reading Pandemic Lesson 1 for Information Governance: Understanding risk matters