The more a risk manager knows about her organization's risks, the better those risks can be managed. And the key to "knowing" is often hidden in the byproduct of a business--the data. While data capture is often viewed as a necessary evil in order to meet the formidable regulatory requirements of a business, data can also be a goldmine of opportunity to better understand the business, as well as the associated risks.
To deliver on these lofty potential benefits, however, the captured data must first and foremost be consistent, accurate and accessible. That's the real challenge. After all, anyone can capture lots of data, but lots of inaccurate and inaccessible data is of little value in assessing risk and in the subsequent decision-making.
It's critical to start with the end goal in mind--that end goal being the defined risk management objectives. By focusing on these objectives, a risk manager can better determine specifically what information is needed and what data to capture.
And when it comes to data, more isn't necessarily better. Capturing the right data and putting it in the right format should be the focus, rather than collecting it all and sorting it out later or, worse yet, leaving critical data unharvested.
With the risk management goals clearly defined, let the data collection begin. But, begin where? The problem with most data processing is the people--but, then again, the answer to the problem is also the people.
Most companies have come to rely on technology to cure virtually every ill, but the process still starts with the human element. Data consistency and quality is of utmost importance, so minimizing the potential negative impact of the human element becomes tantamount. With a plethora of processing systems strewn throughout the typical business enterprise, it's no wonder that the associated data is also spread from one end of the operation to the other, often in duplicate and triplicate, and frequently without a check-and-balance to ensure consistency.
To solve the data-capture conundrum once and for all, risk managers should look to their best people in order to identify the best data-capture practices. These are the folks who know how to get the job done, get it done right, and work through both system and process limitations to get the data they need, when they need it. Making these proven best practices the company's normal data-capture practices will reap the highest quality and most critical data.
Risk managers would be better served by starting with only that current data that can be validated as high quality and consistent, rather than trying to fix the old and suspect data or fill in the gaps. Too many firms begin by sorting through the decades of data stored hither and far throughout the organization. The rush to implement data warehouses several years ago resulted in many a failed project--a lot of dollars spent with few business results to justify the expense.
Risk managers should start with a high-quality base of data, even if it is a small sample compared to the desired data picture, and a commitment to put a consistent data-capture best practice in place to build a solid set of data for future risk assessment and decision-making.
BRIAN S. COHEN is president of Clear Technology, a software provider for insurance companies, third-party administrators and other related organizations.
April 15, 2007
Copyright 2007© LRP Publications