Hyland TL
Follow Us
ITA MEMBERSHIP

RISK / SECURITY

RISK / SECURITY

Pick Your Poison: Plenty of Risks for Carriers Today

Bill Jenkins | October 16, 2015

Insurers face risk every day:  financial risk, market risk, natural disaster risk. No part of the organization is immune. Even the IT department faces a multitude of risks, including:

  • Data and cyber security risk
  • Regulation and government risk
  • Network and infrastructure failure risk
  • Disaster and business recovery risk
  • Loss of key employee risk

But one of the biggest risk management issues that has plagued all insurance IT operations over the years has been project failure risk.

Most system development projects represent significant corporate investment from both a tangible view (financial investment, staffing investment, and technology investment) and an intangible view (lost opportunity costs). But are companies truly reaping the benefits of those investments?

The Standish Group publishes an annual study concerning failed IT projects. The 2015 study states that over $250 billion dollars is spent annually on application development in the U.S. The average cost of a development project for a large company is over $2 million. Development projects in the insurance industry alone can run into tens of millions of dollars for a core system replacement (such as claims or policy administration).

Project failure is often defined as being over-budget, overdue, and missing user expectations. Project management studies highlight that the majority of development projects fail over time, and only about 15 percent of software projects are completed on time and on budget. Under greater scrutiny, it becomes apparent that many “successful” projects are the result of reduced functionality or to a scaling back of the system’s original specifications/requirements. More frightening however, is the fact that The Standish Group report states that system development failures are increasing.

When you find yourself in a hole, stop digging. (Will Rogers)

One aspect of IT management is abundantly clear. We do not learn from our past project management development mistakes. Whether your company is instituting new technologies or undergoing a major system overhaul, you can always find varying degrees of risk. But in my 35-plus years experience as a CIO, a PMO head, a project manager, and a business user, I have found that system project failure has often been a direct result of human issues and not technical ones.

Here is just a sampling of human challenges:

  • Changing requirements and system specifications
  • Lack of user involvement
  • Minimal (or no) executive support
  • Lack of focus and resources
  • Ambiguous project charter or statement of requirements
  • Unrealistic user expectations
  • Poor project planning and administration

There are several risk management steps that could—and should—be undertaken in order to reduce project development risks:

1.Embed risk communication into the project management plan and discipline. You should include risk communication in all project tasks and highlight them in all project meetings. Most importantly, keep the project sponsor and senior management team informed of pending risks and the steps for addressing them.

2.Identify risks in the project planning phase. History and experience should play a large part in this stage. You may not be able to determine all the risks to be encountered, but you should be able to identify a large majority of them.

3.Analyze, prioritize, and record the risks. What are the potential impacts of the risk? How will it affect the overall project? And what impact will it have on the organization’s business?

4.Assign responsibility and ownership for all identified risks. Each individual is responsible for the assigned risk and should monitor its impact. Some project managers think that once the risk has been identified and a list of risks is created, their job is done. Nothing could be further from the truth.

5. Plan and implement risk response or risk mitigation plans. Plan for contingencies: Should the risk be transferred, minimized, accepted or avoided?

6.Manage and track all risks and their associated tasks. Tracking all project tasks is a day-to-day job of the project manager. Integrating the risks and the tasks into the daily project management routine is the way to manage them.

Having a checklist of how to manage project risks is one thing; the execution of these steps is quite different. Project task execution falls on the shoulders on the project manager. Project managers often get caught up in “political” matters that may result in changing specifications/requirements, delayed decision-making, competing priorities,  or a lack of focus and support.  All of these factors place the project in jeopardy.

One potential solution lies in the use of dual project managers for mission critical projects; also known as the Black Hat project manager and the White Hat project manager. The Black Hat project manager is an external project manager whose major responsibilities are to drive the project to its target dates, accomplish the objectives established for the project, and ensure a formal and strict change control process is in place and followed.

The White Hat project manager is a company employee who serves as the company’s project liaison, ensures that the proper staffing is assigned to the project, and makes certain that communications and status reports are completed to help navigate the project through any political waters.

The use of this dual project management structure has proven to be successful by organizations that have used it.

Time and again, it has become quite clear that the main difference between an IT project that is amazingly successful or an abysmal failure often lies with the human factor. So, whether your IT projects are small (but critical) system upgrades or multi-million dollar investments, you need to be sure that each project is managed, executed and monitored using the proper risk management techniques.

 

 

 


Featured articles

Hyland MR 4 10 2018

MT 4 10 2018 Large RHS

ELECTRONIC CHAT

The Email Chat is a regular feature of the ITA Pro magazine and website. We send a series of questions to an insurance IT leader in search of thought-provoking responses on important issues facing the insurance industry.

WEB EVENTS

ITA is pleased to present the 2014 Webinar Series. We have many topics for you to choose from and attendance is open to all ITA members. The webinar topics are current and exciting — ranging from predictive analytics to telematics and will focus on the direction insurance carriers need to follow for the future. All webinars are presented by insurance IT professionals along with some of the leading analysts and consultants in the field. There is no cost to attend an ITA webinar. For more information and to register for the webinar, click the “title” of the webinar below.

BLOGS AND COLUMNS

only online

Only Online Archive

ITA Pro Buyers' Guide

Vendor Views

Partner News