Many organisations face a dilemma over these two options.
1. Create, develop and maintain systems to assess risk, manage H&S, test response capability, build a crisis management infrastructure.
2. Do none of the above, and just insure heavily.
No prizes for guessing my opinion from the bias in the question, but I would be interested to hear others' views (especially contrary ones!) - the UK insurance market seems to be driving companies to develop systems as a risk reduction strategy, while from our experience in the US many organisations choose insurance on the premise that unless a preventative system is perfect, it is safer to have no system and rely on insurers than to have an imperfect process that might leave you open to litigation.
Then there are reputations to consider.....
Many organisations face a dilemma over these two options.
1. Create, develop and maintain systems to assess risk, manage H&S, test response capability, build a crisis management infrastructure.
2. Do none of the above, and just insure heavily.
No prizes for guessing my opinion from the bias in the question, but I would be interested to hear others' views (especially contrary ones!) - the UK insurance market seems to be driving companies to develop systems as a risk reduction strategy, while from our experience in the US many organisations choose insurance on the premise that unless a preventative system is perfect, it is safer to have no system and rely on insurers than to have an imperfect process that might leave you open to litigation.
Then there are reputations to consider.....