In today’s world as we continue to face the unknown and uncertainty related to COVID-19, it is becoming more and more clear that testing and monitoring are key to containing and hopefully stopping viral spread. Facing the unknown and uncertainty is also a huge challenge when it comes to risk, process, and information management in business where testing and monitoring of the information ecosystem should be considered essential to the health of the business organization.
This brings to mind the theory of Schrödinger’s cat. In simple terms, Schrödinger stated that if you place a cat and something that could kill the cat (a radioactive atom) in a box and sealed it, you would not know if the cat was dead or alive until you opened the box. So until the box was opened, the cat was (in a sense) both “dead and alive”.
Now apply that basic principle to COVID-19. You enter an environment full of people you have never met. You spend a few hours in close proximity to all of these unknown people, talking enjoying conversations, and sharing the same air and airborne germs they may or may not carry. You may or may not be wearing a mask, but the majority is definitely not.
You have no idea if any of these individuals is infected or carrying the COVID-19 virus until you either get tested, or get ill yourself. It could then be surmised that you could be both fine – without infection – and infected at the same time. This is also true that you could have infected others or not, as a result of your being in that close environment with other people.
When we apply this to information and process management in relation to risk, many organizations have little to no idea of what information assets they hold, where they reside across the enterprise, who has access to it, and how it is processed through the organization.
In My View
Like Schrödinger’s cat, many businesses could answer that information both exists or doesn’t and be right on both accounts, as they really have no idea. The same holds true of processes as many businesses processes are undocumented, and developed as a result of serendipitous need rather than by design. From a Risk perspective, this is a nightmare.
Businesses must take hold of their information assets, and control their business processes in order to avert Risk, or at least minimize their Risk potential. When asked, the answer shouldn’t be we may or may not have information of that type, but a more definitive, yes or no and here is how it is processed and managed. This can only be done effectively by testing, monitoring, and refining the information ecosystem on a regular basis. So, what is the status of your cat?