Risk managers who want to be at the centre of the information hub would benefit from the new generation of centralised information management systems, says Alain Gray

Risk managers are a special corporate breed. Internally, they are interested in all their organisation's activities, capturing and dealing with information from many departments, operations and countries. Externally too, they have relationships with many parties, including brokers, consultants, valuers and engineers. So, for a risk manager, keeping track of information, action points and key dates presents a real challenge. And with the advent of new regulation, being able to demonstrate how issues are logged and action taken has become increasingly important for the organisation, as well as for the risk manager's personal liability.

In this environment, most risk managers still operate with outdated tools - e-mail, spreadsheets and network drives. However, these have serious deficiencies, including lack of overall control, limited audit trails and proliferation of file copies and versions.

Historically, the major broking houses saw an opportunity to offer a value added service, which would enable information to be managed more efficiently. These systems were developed at high cost and were based on proprietary software. Many risk managers' reactions to these services were lukewarm, often due to the inflexible nature of the proposition.

In addition, risk managers working for large corporations often deal with more than one broker and were reluctant to use several platforms.

New generation solutions

A new generation of centralised information management systems (CIMS) has matured and can provide tremendous support to risk managers at two levels:

- operationally, by more efficiently managing large amounts of information from numerous sources

- strategically, by placing the risk manager in a position where he or she is in control of all data and is at the centre of the information hub.

Software costs have fallen to the stage where best of breed platforms are available for thousands, not millions, of pounds, and offer functionality which is years ahead of what is currently on offer. The key question is whether risk managers are aware of the systems available to them and of how to exploit the benefits to support their function.


CIMS (also known as extranets and web collaborative tools) are built on three pillars: a central information repository in which all data is held only once; a known list of members who can access the central information, and an access rights matrix which correlates read/write rights between members and information. The most efficient and effective CIMS are those constructed in a manner which combines ease of information retrieval with comprehensive access security.

CIMS differ from e-mail in four main ways:

- no duplication of content - information is held once only and accessed many times

- increased security - data is held in a secure environment with well thought-through access rights and appropriate levels of data encryption.

E-mail is an inherently high seepage platform

- control - risk managers can see current and historical information, as well as action points, from one vantage point

- reduced data storage costs - unnecessary proliferation of copies and versions is avoided.

They also differ from intranets in that they allow information sharing with third parties (as set out above), whereas intranets are normally only accessible by colleagues. Further, the structure, features and access rights of a CIMS are typically owned by business users, rather than by IT or corporate communication departments.

Towards real-time collaboration

In contrast to e-mail and intranets, some CIMS allow concurrent access to files by two or more members. This can be very helpful in the review of wordings and the reaching of agreement on presentation of underwriting data. Real-time collaboration avoids the traditional exchange of lengthy e-mails, by placing the interested parties in the same virtual room. Combining this with other features, such as version control, means that prior versions are still maintained - albeit once only and centrally.

The development of insurance transactional platforms has been expensive and, to date, largely unsatisfactory. By linking the exchange of information between clients, intermediaries and markets to the commercial transaction, a host of complex issues has been raised.

Brokers and risk managers can, and should, differentiate between the information sharing and transactional phases of the relationship. By taking this approach, they target the activities which absorb 80% of their efforts (data gathering, management and dissemination) from inefficient platforms (e-mail, CD Roms) to streamlined CIMS. Benefits soon appear, and reduced regulatory and legal barriers lead to increased acceptance by key stakeholders.

Success factors beyond technology

While the right choice of technology is fundamental, several other factors are at least as important, including the following.

- Information flows: an effective CIMS relies on a thorough understanding and analysis of existing information flows. Without this analytical phase, unwanted new work flows and procedures may result, which can upset key stakeholders and undermine the realisation of shorter term benefits. If senior stakeholders wish CIMS to play a transformational role as well, then this should be clearly understood and communicated at the outset.

- Key players 'underwriting' the CIMS: maximum benefit will result if a sub-optimal way of working is replaced by a more efficient one. Going for a half-way house (some using the CIMS while others continue to use e-mail) can be a worst case scenario, as users will become uncertain as to where to find information. Communication of the project's benefits, as well as a commitment to support and use it, is, therefore, a key to success. Key leaders are the client, the broker's client director and - if appropriate - the lead underwriter.

- Awareness building and training: this is again a fundamental stepping stone to acceptance and adoption. A variety of media can be deployed, including manuals, on-line demonstrations and training, flash-based demos and classroom-style training.

- Timing: implementation of the CIMS should be timed to coincide with the least busy part of the work cycle. Introducing new technology around renewal time is counter-productive. A three month implementation schedule is typical.

Who can access a CIMS ?

Being web based (although hosting can be managed within the client's environment/firewall), CIMS can be accessed by any party approved by the webmaster. This means that the risk manager or broker can provide real-time access to key parties, such as risk consultants, engineers, surveyors, loss adjusters and claims managers. Ad-hoc internal reviews by internal auditors can also be simplified, by providing access to the central platform, rather than having to gather an information pack. Distance is not an issue: internet access is the only access criterion.

Some people might consider that the more efficient flow of information between client and (re)insurers is a threat to the broker. While some activities such as information (re)distribution may no longer require broker intervention, this in no way diminishes the broker's contribution.

Market knowledge, programme structuring, risk analysis and presentation will continue to be valuable commodities. In addition, clients can take a strategic decision to establish a CIMS and ask their broker to manage a part of it - thereby achieving what many would consider the dream scenario.

Further strategic considerations

A successful CIMS benefits all stakeholders. The client is placed at the centre of the information hub and takes ownership of all data. Reviewing existing relationships, evaluating new ones, managing tenders and the like, becomes easier. Multiple relationships can also be managed within one solution.

Using a more efficient information management platform enables the intermediary to lower his costs. By using best-of-breed platforms, the smaller to mid-sized brokers can compete with the 'mega' brokers regarding the offering of client extranets, as competition can focus on technical skills, rather than the investment of millions in an IT facility. And the underwriter can now access historical information as well as assess new data in a more time-efficient manner. Multiple parties within the (re)insurer's organisation can access data, thereby increasing efficiency and reducing reliance on the lead underwriters as the company's postman.

Further, by establishing a new information sharing environment between stakeholders, and adopting real-time collaboration, risk managers increase the likelihood of achieving timely renewal certainty - an item which may feature on an increasing number of balanced scorecards.

Alain Gray is managing director, Accelerated Implementation Solutions Ltd (AIS), Tel: 01923 839 998, E-mail: Alain@Gray-Cells.co.uk. AIS is a member of the idRisk Group (www.idrisk.com)


A multinational with a dynamic risk profile linked to its high level of acquisitions and disposals wished to move from a cumbersome e-mail-based relationship with its broker to a web-based CIM solution. It approached its broker with a request to present a solution.

Within two weeks, platform and high level information architecture were reviewed and agreed. Within three months, all underwriting data and other useful information were loaded.

While not initially considered, the CIMS was introduced to insurers as well. Through a combination of client and broker unambiguous buy-in, as well as the platform's comprehensiveness and user-friendly interface, acceptance from the lead underwriter was quickly obtained, with the remainder market following suit. Overall, substantial cost savings were made from the reduced administrative burden. Insurers also benefited from the a dynamic information platform rather than the annual (and immediately out-of-date) information CD-ROM.

By common agreement, all transactional documents (ie those requiring signing) were still managed as before. The unambiguous acceptance of the solution as a collaborative one, rather than a transactional one, was made at the start and was deemed key to its success.


- Spending too much, too early: being too impressed by technology and spending a large amount of money on licences and IT infrastructure while underestimating the non-IT elements. Why not run a pilot first, assess the cost/benefit/issues equation and then take the plunge?

- Underestimating the specialist skills of information analysis and architecture: a poorly structured common data repository can rapidly become a headache for all users.

- Assuming that CIMS can only be implemented by brokers: while the large broking houses invested heavily in the creation of strongly broker-branded extranets for clients, time has moved on and there is no technical or strategic reason why CIMS should not be initiated and owned by clients and maintained by brokers.

- Integration with other systems: deploying a free standing CIMS can generate tremendous benefits. The prize will be all the greater if the accent is first placed on acceptance and use by stakeholders. Keep integration plans - other than perhaps single sign-on/link to LDAP - to phase 2.


- underwriting data - by class of business
- survey reports
- renewal schedules
- location data
- business continuity plans
- service level agreements
- slips, endorsements, bordereaux, contracts
- contract warranty details
- joint calendar (renewal dates, mid-year events,)
- contact details
- risk register
- discussion board
- market security data
- research and reference material
- useful website details
- client//broker issues log