Data is also at risk from outside hackers who penetrate databases using malware, phishing
schemes, and other malicious tools, as well as from malevolent insiders who have access to
credentials, assets and other damaging information.
To combat these challenges and ever-changing regulations many risk and IT managers are
looking at software vendors to provide cloud-based or hosted applications. For these off-
premises applications it important that the software vendors are ISO 27001 and SOC II
compliant.
Risk management systems must have the capability to protect data across the organization.
And while no internal system is entirely secure, it is important to understand the security
protocols that are in place and how the information contained in those systems is protected.
9. User Experience
This may seem like the most simple and
straightforward tenet. But many companies
still struggle with this basic functionality.
Ease of use has been a major factor for users
of insurance support systems for years. Risk
management touches so many individuals
and business areas across the enterprise
that it is imperative to have a system that is
easy to understand, learn and manage by all
users. It should be intuitive to use and offer
dynamic functionality, including navigable
screens and easy-to-find contextual portals,
wizards to open new claims, scripting and
dynamic questioning methods that enable
organizations to deliver consistent service.
Today's effective risk systems utilize
business and system operation rules to
streamline workflows, create sophisticated,
well-orchestrated correspondence, and
integrate data from multiple sources –
including external risk data. Best of all, risk
systems provide risk managers (and other
stakeholders across the organization) with
access to real-time data and information,
delivered in the format and channel they
choose.
MAKING SENSE OF RMIS | 11
