If most problems are due to human error, the next metric for understanding risk and business impact might just be the stupidity index. It’s a somewhat tricky concept in a business sense, because stupidity is often context-dependent. The Peter Principle points this out, by stating that in organisations, people are promoted to their highest level of incompetence. Carlo Maria Cipolla also researched the matter to come up with a number of ‘laws of stupidity’. One of these laws in particular is relevant to business continuity management: “Non-stupid people always underestimate harmful potential of stupid people.”
Granted, the stupidity index hasn’t had the same publicity as IQ tests (excellent for measuring IQ, but do they really measure intelligence?) However, a model for gauging stupidity on a scale of 0 to 5 does exist. At zero, the subject has a modicum of common sense. At five, the subject’s stupidity includes having conversations with inanimate objects. A similar scale might be devised for organisations ranging from zero (give training and clear instructions, trust employees to a reasonable level) to five (no communication of objectives, non-existent change management, totally ignoring suggestions for improvement).
But could a non-zero stupidity rating perhaps be useful? Mats Alvesson and André Spicer had a different view of staff stupidity in their writing about A Stupidity-Based Theory of Organizations. Their theory is that ‘functional stupidity’ may even help to produce results in organisations, by avoiding employees questioning instructions given to them. Functional stupidity in this sense is less a lack of intelligence, and more compliance with a hierarchical superior, for example. In a business continuity sense, this could work if the instruction-giver was sufficiently smart about the instructions to be given. Otherwise, it would be a case of the blind leading the blind; or rather, the stupid leading the stupid.