Prevention is better than the cure of disaster management
Answers
Answered by
2
Prevention is better than cure: It is better to practice proactive, preventive risk management rather than reactive firefighting risk management.
I am currently working in Istanbul and on arriving in mid-July, there are many Turkish flags flying around the city to mark the one year anniversary of the attempted coup that was successfully quashed. 15 July 2016 saw a short but violent and disruptive civil unrest which caused disruption to the workings of the city and the people and organisations that operate here. One year later and it is evident that there is a renewed focus on business continuity and disaster recovery planning in the wake of those experiences. This reflects the first two clichés and should end up making businesses in Turkey more resilient. However, it does bring "prevention is better than cure" into focus in that if we were practicing good preventive risk management, we should already be ready for incidents that arise.
Often in risk management, we need a major event to wake us up and to get our house in order. This arises from a common human trait of not adequately assessing or managing risk until it happened to us. A favourite Australian saying “she’ll be right” is often used when we want to do something and someone mentions a risk and we downplay it and go ahead with the activity anyway.
These incidents we suffer can have value as implied by the first two phrases “Every cloud has a silver lining" and “What doesn’t kill us makes us stronger”. However, I think if we practice excellent risk management the last phrase is the most powerful “Prevention is better than cure”.
If we can understand the risk BEFORE we suffer an incident and we manage that risk early on to prevent it from happening in the first place, this must be better than waiting for an incident before we act and learn.
If we are to move our risk management practices to be proactive, we need to:
Understand the lifecycle of our risks very well, especially their root causes and early drivers. The use of Bow Tie analysis can be very useful here.
We need to understand the different types of control that can be used to manage the risk: Preventive, Detective and Reactive and understand that Preventive is better than Detective which is better than Reactive. We can then assess whether we have an optimal set of controls for each risk. Read: Integrated Controls Assurance – Maximum Assurance, Minimum Effort
We need a risk management framework that focusses on early management of risk. This will include Risk and Control Self-Assessment, Stress Testing and most importantly leading Key Risk Indicators.
I am currently working in Istanbul and on arriving in mid-July, there are many Turkish flags flying around the city to mark the one year anniversary of the attempted coup that was successfully quashed. 15 July 2016 saw a short but violent and disruptive civil unrest which caused disruption to the workings of the city and the people and organisations that operate here. One year later and it is evident that there is a renewed focus on business continuity and disaster recovery planning in the wake of those experiences. This reflects the first two clichés and should end up making businesses in Turkey more resilient. However, it does bring "prevention is better than cure" into focus in that if we were practicing good preventive risk management, we should already be ready for incidents that arise.
Often in risk management, we need a major event to wake us up and to get our house in order. This arises from a common human trait of not adequately assessing or managing risk until it happened to us. A favourite Australian saying “she’ll be right” is often used when we want to do something and someone mentions a risk and we downplay it and go ahead with the activity anyway.
These incidents we suffer can have value as implied by the first two phrases “Every cloud has a silver lining" and “What doesn’t kill us makes us stronger”. However, I think if we practice excellent risk management the last phrase is the most powerful “Prevention is better than cure”.
If we can understand the risk BEFORE we suffer an incident and we manage that risk early on to prevent it from happening in the first place, this must be better than waiting for an incident before we act and learn.
If we are to move our risk management practices to be proactive, we need to:
Understand the lifecycle of our risks very well, especially their root causes and early drivers. The use of Bow Tie analysis can be very useful here.
We need to understand the different types of control that can be used to manage the risk: Preventive, Detective and Reactive and understand that Preventive is better than Detective which is better than Reactive. We can then assess whether we have an optimal set of controls for each risk. Read: Integrated Controls Assurance – Maximum Assurance, Minimum Effort
We need a risk management framework that focusses on early management of risk. This will include Risk and Control Self-Assessment, Stress Testing and most importantly leading Key Risk Indicators.
Similar questions