First, do no harm

I’ve been spending a good amount of time in incident response and the Roman proverb “Primum non nocere” (“First, do no harm.”) holds especially true no matter if you are in risk management, incident response, emergency response, governance, or in the hallowed profession that made it a one of their principal precepts, medicine. So it was great to read Norman Marks’ “The Risk of Incompetent Investigations”. The few points he outlines can and should be used elsewhere in the profession, including and especially in risk management. Here’s a taste:

  1. Investigations should only be conducted by appropriately trained and experienced professionals.
  2. Investigations should be performed with an open mind, without forming any conclusions until the investigation is completed.
  3. Investigations should be adequately resourced
  4. Investigations should be performed at the direction of counsel, but managed by individuals trained in performing investigations

Read the whole article, it is full of good advice that will keep you out of trouble and minimise the unintended harm that investigations usually cause.