Enterprising Developments

Seven Steps for Taking the Risk Out of IT

Joe McKendrick
Insurance Experts' Forum, November 5, 2010

Insurance carriers are masters of risk management; that's their business. But while being adept at measuring the risks associated with customers and potential customers, how many apply risk management principles to internal IT operations?  This may be an overlooked area.

The IBM Institute for Business Value just released a study of 550 IT executives from across the globe which finds information technology – which everyone depends on for every aspect of their business – still has some uncertainties. The most significant issues with lack of IT risk management practices include business continuity, information security and corporate reputation.

The study's authors make the following recommendations to better develop IT risk management approaches:

 1. Examine and assess the organization’s IT risk capability: Cross-enterprise planning should encompass data, security, resilience and disaster recovery, and new technologies.

2. Look for champions among senior leadership: Become a trusted adviser and valued resource to the CIO;.”

3. Determine how to heighten risk awareness at all levels, and within the organizational culture itself: Education and training are key. Incorporate risk awareness into everyday business and IT processes.

4. Create a strategy for regularly communicating the breadth of risk management, as well as compliance topics and issues. Emphasize that it is more than just a “one-time” activity.

5. Build risk-related procedures into the IT infrastructure, as opposed to adding them to applications in a piecemeal manner.

6. Make sure safeguards are in place to help prevent unauthorized access to company data and systems.

7. Review business continuity plans.

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

 

 

 

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Why You Can't Take a Wrecking Ball to Your Legacy System

If you think of enterprises like collections of neighborhoods that need to be nurtured, you quickly see that architecture, not obliteration, is the key.

Ten Stats About Social, Mobile, Analytics, Big Data, Cloud and Digital

Deployment rates have grown in the year since Novaricaís last study on these topics.

The Apple Bounce: Are Wearables Truly this Big?

I just donít believe it; only 720,000 Androidwear watches were sold in 2014. Apple has been amazingly successful in so many markets. Were they always first? No, a lot of products before. Were they always best? Again, no, superior devices have fallen.

How Quote Data Can Deliver Powerful Business Insights

Quote data often is disregarded due to its volume, but properly managed can offer insights into product and pricing strategy, expense control, cross selling and upselling.

Product Configurators: Moving Insurers toward Self-Sufficiency

Insurers may like a vendorís full service model for updating policy content rules, but they donít want to be held captive if the vendor doesnít offer fast speed-to-market.

Trends in P&C and L/H/A Policy Administration Systems

Novarica research shows that nearly 40 percent of P&C and life/health/annuity carriers are currently replacing or planning to replace a policy administration system.