top of page
Writer's pictureShannon Lantzy

Uncertainty != Risk

Updated: Sep 11, 2023

We can manage risk better than we can manage uncertainty. In medtech cyber, there is a lot more uncertainty than well-characterized risk.


Uncertainty Scenario: A new drug is proposed in a population that sorely needs it. The clinical study showed weak signals of a severe risk, but the study wasn't large enough to sufficiently measure the risk. Therefore, we are uncertain of whether this drug causes severe life-threatening events.


Known Risk Scenario: A new drug is proposed in a population that sorely needs it. The clinical study showed a strong signal of a very low probability risk. The study's design and size were appropriate to characterize the risk. People who take the drug will certainly be at elevated risk of a severe life-threatening event.

Risk management and mitigation to reduce exposure for financial investment, projects, engineering, businesses. Concept with manager's hand turning knob to low level. Reduction strategy.
Is anyone else as amused at stock images as I am? This one was too good to ignore.

In the uncertainty scenario, I want a lot more data about the risk before I decide to approve or take the drug. Maybe the risk of my death is much higher than we know? Maybe the risk isn't worth the tradeoffs?


In the risk scenario, I can estimate the tradeoff between the low possibility of severe consequences. I can take measures to avoid the risk. As a regulator, I could require the sponsor to implement a Risk Evaluation and Mitigation Strategy (REMS). As a patient, I can make an informed decision.


There will always be uncertainty, there will always be risk. When there is a decision to make (e.g., regulatory approval, commercialization approach, study design), treat uncertainty and well-characterized risk differently.


In medtech cyber, there is a lot more uncertainty than well-characterized risk.


~Shannon, the Optimistic Optimizer


25 views

Recent Posts

See All
bottom of page