The Cabinet Office's National Risk Register lays out the main threats to the country but offers little in the way of solutions
Governments are often criticised for not delivering solutions. They can tell what is wrong with a situationbut happily leave it to someone else to solve. With the national risk register Britain’s Cabinet Office has not done much to dismiss this criticism. What it has done well is highlight a range of critical threats facing the UK.
The report maps out the risk landscape facing the UK over the next five years. The idea is that, armed with the information, citizens, communities and businesses can prepare themselves for the worst and, by extension, improve national resilience. Considering the interconnected nature of many of the risks, it is hoped that businesses and states can use the information to knit their crisis plans together. It marks a firm step towards building coordinated risk management and improving the UK’s ability to manage global risks.
A flu pandemic was rated the threat with the biggest impact. Most newspapers elicited surprise that it was rated higher than terrorism, but, in truth, the impact of a pandemic is likely to be further reaching than a single terrorist strike. Estimates suggest a human-to-human strain of avian flu could leave businesses with their workforce halved. The impact of a curfew on public gatherings as well as travel restrictions could be even more debilitating. Few people in the professional risk world would have been surprised to see pandemics rated highly.
Some detail is also given on what counter measures the Government has in place. These include a stockpile of vaccine to treat up to 25% of the population. A specific vaccine, however, would not be available for up to six months after a pandemic had started. Making this information public could help companies dovetail their plans with the Government response. But overall there is a noticeable absence of detailed information on the government’s plans for recovery.
This could be because what is publicly available is restricted to a summary of the Government’s real plans, although it makes a point about revealing information that was previously held confidential. While it may give some indication of what the Government has in store, it is unlikely to be enough to enable companies to integrate their plans into a broader national response. It does seem to suggest that, behind the scenes, work is under way between the Government and the private sector along these lines.
“Avian flu could leave businesses with their workforce halved
Too few answers
The spotlight was shone on other threats, which included severe weather, infectious disease, major industrial accidents and malicious attacks. The Government warned that foreign intelligence organisations are at this very moment attempting to penetrate computer systems storing confidential data, as well as commercially sensitive information held by private companies through the internet.
A quick observation reveals that a number of important risk areas are overlooked, such as systemic financial shocks or geopolitical risks. Yet, as we saw with Northern Rock, the collapse of a major financial institution required a central government response almost immediately. Nor have the authors laid much weight on the interdependency of risks, which was a central feature of the World Economic Forum’s Global Risks report at the start of the year.
Risk managers, who have to identify all of the critical risks to their company, will probably find it useful to have risks codified and broken into subsets, as they are in this report. And it is clearly valuable to know what the Government considers to be the biggest risks. But without qualitative analysis on the impact of those risks, the information will not be much use beyond that. Not many risk managers will find the report much use when purchasing insurance. In fact, it is more than likely that the larger companies have already gone further themselves. John Hurrell, AIRMIC chief executive, noted: ‘Our members will have done much more detailed risk registers.’
In order to be effective in its goal of improving resilience the national risk register needs to be embraced by the private sector. The danger here is that without providing proper solutions, companies may feel the Government is unfairly shifting the burden of solving the problem.