This week I came across two examples of risk. One avoidable, one
happenstance.
My wife is a ceramic artist and she shares studio space in an old
factory building. This week she received the news that the water main supplying
the sprinkler system had burst and flooded her studio to a depth of thirteen
inches. Partially submerging her potters wheel and her electric kiln. To
compound her misfortune she'd left her laptop on the floor, only the third time
she'd left it in the studio. As I write we are drying it out: more in hope than
expectation. The rupture of the main and the damage to the laptop come under
the heading of happenstance or sh*t happens.
The second incident was reported in the UK and it concerned the
computer system failure of the Royal Bank of Scotland (RBS). This failure
resulted in some of its customers being unable to gain access to their accounts
for up to three weeks. This week the bank was fined $90M by the UK's financial
regulator. This fine was in addition to the $112M it paid out in compensation
to bank customers and $168M cost of staff overtime to fix the problems. All
told the error cost the bank $1.2B!
The reported cause of the error was deemed to be the
incompatibility of their old, as in ancient, computer code and their new
mainframes, an issue that had apparently been highlighted in a previous audit
report but not fully addressed. Now this organization has an annual IT budget
of $1B. So money wasn’t necessarily the prime cause, but poor risk assessment surely
was. This incident definitely comes under the heading of avoidable. The
worrying thing is that there are an awful lot of corporations who are in the
same boat, with old code and a lack of willingness to fix it. Tick Tock, Tick
Tock, goes the time bomb.
No comments:
Post a Comment