CIO — Montserrat is one of the many islands sprinkled among the Caribbean West Indies. In just 39 square miles, it boasts mountains, rain forests, beaches and groves of bananas, mangoes and coconuts. The air temperature rarely dips below 78 degrees and neither does the water.
In short, Montserrat is paradise. Or it would be but for the Soufriere Hills volcano, which erupted for the first time in July 1995 and hasn’t stopped since.
Soufriere Hills has rendered nearly two-thirds of the island—an area now called the Exclusion Zone—uninhabitable. Since 1995, the island’s population has fallen from 11,000 to 4,000. The volcano has buried Plymouth, the former capital. It killed 20 people in one violent belch in 1997. It has suffocated the economy, once driven by tourism and rock stars like Sting, the Stones and Paul McCartney, who partied and recorded music there at Air Studios, the recording facility once owned by the Beatles’ former producer George Martin but now buried by the volcano.
This dichotomy—Eden on one side of the island, the fires of Hell on the other—makes Montserrat a perfect laboratory for risk analysis. Just as much of Montserrat is buried in ash, it’s also buried in probabilities. Scientists know, for example, that there’s only a 3 percent chance that Soufriere Hills will stop erupting in the next six months. They also know there’s a 10 percent chance of injury from the volcano at the border of the Exclusion Zone, and they can draw an imaginary line across the island where the threat from the volcano equals the threat from hurricanes and earthquakes.
"Thirty years ago, you needed the biggest computer in the world to do the statistical risk analysis," says Willy Aspinall, who helped develop these figures in the shadow of Soufriere Hills. "Now all you need is a laptop and a spreadsheet." He says the risk calculations get better and more textured all the time. He uses Monte Carlo risk analysis simulation software and spreadsheets to quantify the risk levels that help decision-makers minimize the volcano’s threat to people’s lives.
If this type of risk analysis is good enough for Aspinall, it ought to be good enough for CIOs, especially now that they’re working in an economic environment looming as ominously over their businesses as Soufriere Hills looms over Montserrat. For the most part, though, CIOs have not adopted statistical analysis tools to analyze and mitigate risk for software project management.
This is why they should.