Lessons for Resilience
Consider the concept of "as low as reasonably practicable" (ALARP) when assessing risk as we live with COVID
The ALARP principle acknowledges that we might not be able to eliminate all risk, as risk is part of life, but we may be able to manage it. It is necessary to control risk, particularly when it comes to public health and safety. Throughout the pandemic we have continuously acknowledged the existence of COVID-19 risk and managed this risk to as low a level as practicable through various containment measures. When assessing COVID-19 risk ALARP, consider:
- What level of COVID-19 risk is as low as reasonably practicable and acceptable, e.g. for lockdown to end (this could be based on factors such as levels of hospital admissions due to COVID-19, or the number of people vaccinated)
- The likelihood of the hazard or the risk occurring and what degree of harm might result from the hazard or risk
- What actions are available to minimise the risk
- What cost is associated with available ways of minimising the risk - Is the cost proportionate to the risk
- Communicate with the public and educate them about risk being ALARP, to increase understanding that we will continue to live with COVID-19, and that recovery will consider risk in terms of ALARP
- Develop guidance for businesses (e.g. nightclubs) on operating according to the principles of risk ALARP in relation to COVID-19 containment
Consider establishing risk assessments that calculate the effects an additional emergency might have on resources
Those already strained by COVID-19:
- This could include using GIS mapping to consider allocation of resources and areas most likely to be worst affected. For example, the sorts of mitigations needed to minimise transmission of the virus during evacuation and sheltering
- Analyse existing strategies to develop disaster-plus-COVID-19 scenarios. Thinking of Hurricane Katrina as an example, 20,000 people took refuge in the Superdrome stadium. Disasters like this force people to gather in close proximity in higher numbers than recommended by health authorities for countering the COVID-19 outbreak
- Consider also that vulnerable people are particularly affected by disasters and infectious diseases and may already be disadvantaged through COVID-19
Consider risk assessments to examine the requirements for the options for easing lockdown whilst supressing the spread of COVID-19
Lockdown could be eased through:
- Gradual school reopening because children are at low risk, and there are high economic and educational costs to school closure
- Gradual return to work with younger people first (age segmentation) as they are relatively less at risk of COVID-19 than older people
- Gradual return to work by sector/workplace (sector segmentation) as some pose less risky than others
- Gradual release of lockdown by geography (geographic segmentation) as COVID-19 cases and NHS capacity vary across regions
Consider risk assessments for each of these options, since there are challenges with each e.g. cross-sector supply chains limit the benefits of sector segmentation.
Consider the following factors in the assessment:
- Costs vs. benefits
- How quickly can it be done?
- Will it be seen as fair?
- How practical is it?
- Can it be enforced?
Consider evacuation planning, including prepositioning resources to evacuation centres and how to evacuate people during COVID-19
Consider how to maintain two-metre distance and how to minimise time spent in evacuation centres. Consider working with the military to mobilise responders for emergencies that require international effort in a time where commercial flights are cancelled due to COVID-19.
Reference: Red Cross and UN Office for Coordination of Humanitarian Affairs
Consider prioritising the threat to cyber security given that many services have or will move online
Hacking may have a cascading effect, for example, a cyber-attack on a trucking company could impact food security. The disruption could affect weekly food deliveries to supermarkets. In turn, the loss of revenue would weaken the business sustainability of distributors and producers.
- Hackers crashing Zoom meetings, disrupting conversations of government officials who conduct remote discussions (USA)
- False emails from the US Department of Health and Human Services are targeting supplier companies. They request protective equipment described in an attachment infected with malware. (USA)
- A cyberattack on Italy's social security system (INPS) has revealed Personally Identifiable Information to applicants as they were attempting to claim benefits (Italy)
Consider risk and vulnerability analysis of online systems
They may consider adopting the Global Risk Assessment Framework (GRAF) as a framework to track, respond to- and reduce the impact of expected cyber-attacks.
Consider the use of the 2019 Global Assessment Report (GAR19)
The 2019 Global Assessment Report (GAR19) contains recommendations on the cascading effects of cyber-attacks (used food security as a case study) to protect their online systems.