Risks Abound, Now Manage Them
Steve Callahan | April 28, 2014
The heart of risk management consists of identifying and analyzing exposures and then taking the necessary steps to minimize risk. While a variety of methods can be used to manage the multitude of risks inherent in a business as complex as insurance, a foundational component—the project risk management plan—is often neglected.
Without a well-thought-out risk management plan, even the best-managed projects can’t effectively anticipate and mitigate potential risks. Instead, risk management becomes an ad hoc process occurring reactively or, worse, retrospectively after it is much too late to avoid a negative impact on the project.
Given the vast range of opportunities offered by newer technologies, escaping the burden of legacy-bound environments has become critical to successful competitive differentiation. The ability to integrate social media, big data, analytics, and mobile computing alone has become table stakes, challenging companies to successfully deliver on complex projects facing limited funds, short timeframes, and little room for error.
Managing the risk involved in these projects has moved from informal and reactive to a defined process that is integrated into the implementation methodology and governance practices. Completely eliminating risk is all but impossible, thus, the emphasis shifts to the timing of risk identification. The earlier problems can be identified—or better yet, predicted from leading indicators—the quicker corrective action can be taken to reduce negative impact.
So what are the predictive indicators that can be used to identify and address risks early on? An extended review of successful and unsuccessful projects identified the following as the most common warning signs of approaching problems:
- Inadequate Specifications
- Changing Requirements
- Inadequate Change Control Management
- Inexperienced Personnel
- Unrealistic Estimates
- Subcontractor Misrepresentation/Underperformance
- Poor Project Management
- Lack of User Involvement
- Expectations Not Properly Set
- Poor Architectural Design
A structured process incorporating the ranked assessment and constant monitoring of the most likely and impactful risks from the above list is critical from a project scope, cost, and schedule basis. More often than not, projects with insufficient risk monitoring and inadequate contingency planning will take a turn for the worse.
Underestimating or even ignoring risk at any point during the project, whether internal or external, usually has a materially adverse impact—sometimes resulting in outright project failure. Project managers must continuously monitor and analyze known risks while developing an appropriate contingency plan to address the emergence of unknown risks.
Obviously, intentional risk management is an integral part of the project quality assurance effort targeted at minimizing the major sources of rework, schedule, and cost overruns, as well as performance and quality degradation.
There is a strong correlation between the level of risk management in a project and the level of success. Without a structured system for identifying and managing risks, the level of risk tolerance (where reward exceeds the risk) decreases significantly. Applying risk management rigor to a project will improve its outcome.
To incorporate effective risk assessment and governance practices, all project management plans should include these six inputs, sourced from the PMBOK manual:
- Project Scope Statement: a general overview of the project scope, the deliverables and framework for the degree of risk management needed;
- Cost Management Plan: a definition of risk budgets, contingencies and financial resources needed to address risk potential;
- Schedule Management Plan: how schedule contingencies will be reported and assessed;
- Communications Management Plan: the information shared among the project members and stakeholders and protocol on sharing information and risk responses;
- Enterprise Environmental Factors: factors influencing the plan including attitude toward risk and organizational risk tolerance; and
- Organizational Process Assets: including risk categories, risk statement formats, roles and responsibilities, and authority levels.
Determining which risks may affect the project, documenting their characteristics, assessing their impact, and ranking them accordingly is an iterative process that requires realigning existing risk profiles while incorporating new ones as they arise. The primary output of this process is the development of a risk register, documenting a qualitative and quantitative risk analysis, along with risk response planning. The risk register also provides a strategy to manage risks which include mitigate, avoid, accept and transfer.
An investment in project risk management, which typically ranges from two percent to four percent of your project costs, compares favorably with potential cost overruns and lost opportunity costs, which can reach more than 50 percent of the project costs. Taking the necessary time to develop a comprehensive project risk management plan is essential for overall project success. It’s simply a matter of good insurance.
Steve Callahan is a practice director at The Nolan Company, a management consulting firm specializing in the insurance industry. He can be reached at firstname.lastname@example.org
- The Rapid Evolution of Consumer Protection Regulation
- Talent Hunt: Finding, Attracting, Retaining Top People
- Insurers Flexing Their Distribution Models
- Technology Driving Disruption in Insurance
- Fear of ‘Next Bubble’ Challenges Life, Annuity Carriers
- Technology Allows Commercial Lines Insurers to Stand Out
- Single Sign-on Viewed as Biggest Tech Challenge for Agencies
- ISCS Observes 20th Anniversary; Scurto Predicts Major Changes Ahead
- Policyholders and Their First Impressions
- Progressive Making Progress on the UBI Front
- High and Dry: Insurers Search for Disaster Recovery Plans
- Insurers Sign The (Un)Dotted Line
- Reflections of a Retired Insurance CIO
- Mobile Device Management Just One Answer to BYOD Issue
- Lessons from GEICO and Progressive on Winning the Critical Buying Stage
- You Are a Target for a Cyber Attack
- Web-based Systems are the Next Evolution in Claims Technology
- Gaining a “Wow” Experience from Web Users
- Time to Shift from Business/IT Alignment to Business/IT Alliance
- Healthcare Insurers Changing to Consumer Model
- Organization is the Key for Selecting Software Vendors
- Analysts Expound on the Needs of the Mid-tier Insurance Market
- Finding the Cure for Obamacare’s Website
- New Software Solutions Benefit Insurers on the Inside and Outside
- Products, Market Impede Investment in Systems for Life Insurers
- Combatting Cyber Threats: Predict, Prevent, Persist
- The Future of Telematics Heads Beyond Insurance
- The Shame in Cyber Security Lapses
- Building Policy Administration Systems for the Future
- Insurers Look Into The Eyes of Their Policyholders
- It’s a New Dawn for the ITA
INSURANCE IT NEWS
- Few Surprises in Cybersecurity for Insurers
- Few Surprises in Cybersecurity for Insurers
- ITA Pro Weekly, January 20, 2016
- Verisk Releases Cyber Exposure Data Standard for Insurance
- British Insurer Selects Guidewire Core Systems
- Nationwide Private Client Expands into New States with ISCS Solution
- Majesco, Appulate Announce Strategic Partnership
- Boston Mutual Partners with Onyx Data Solutions
The Email Chat is a regular feature of the ITA Pro magazine and website. We send a series of questions to an insurance IT leader in search of thought-provoking responses on important issues facing the insurance industry.
ITA is pleased to present the 2014 Webinar Series. We have many topics for you to choose from and attendance is open to all ITA members. The webinar topics are current and exciting — ranging from predictive analytics to telematics and will focus on the direction insurance carriers need to follow for the future. All webinars are presented by insurance IT professionals along with some of the leading analysts and consultants in the field. There is no cost to attend an ITA webinar. For more information and to register for the webinar, click the “title” of the webinar below.
BLOGS AND COLUMNS
Insurance carriers interested in meeting or exceeding their customer’s expectations regarding mobility are looking at a two-pronged approach... READ MORE
Robert Regis Hyle
Everybody has a wish list and it seems that atop the lists for insurance carriers still operating with legacy systems is the desire to do away with... READ MORE
As Guidewire Software prepares for the start of Connections, its 11th annual user conference that begins on Nov. 2, Brian Desmond, chief marketing... READ MORE
Strategy Meets Action will hold its annual Summit in Boston on Sept. 14 and the focus for this year is: Becoming the Next-Gen Insurer... READ MORE
Starting last fall when the technology company dropped Mastek from its name and became simply Majesco, its mergers and acquisitions, and hirings have... READ MORE
Digital represents a continuous form of disruption to existing or new business models, products, services or experiences enabled by data and... READ MORE
In spite of all the arm-flapping and hand-waving stirred by the Affordable Care Act (ACA), the way health insurance is purchased, and employee... READ MORE
- Vendor Views