Tag Archives: information technology

Increased Threats for Manufacturers

Let’s be honest: Operational motivations are about speed and efficiency, not security. For manufacturing organizations to effectively manage cyber risk, they first need to understand that the global digital transformation making businesses run smarter and more efficiently is also creating a widening security gap that must be addressed. 

Creating Industry 4.0

In manufacturing, investments are largely motivated by the pursuit of increased operational effectiveness and efficiency: doing more for a lower per-unit cost. Often, these investments manifest as new operational technology (OT), for instance to enable higher degrees of automation, accelerated assembly timelines and improved real-time insights. New OT gets added to a large information technology (IT) stack, which has often been built over several decades; in that time, the IT stack has become a complex mix of legacy, aging and modern solutions held together by vulnerable protocols and a “don’t touch what isn’t broken” stability strategy.

Industry 4.0, driven by the pursuit of OT, is the connection of industrial equipment that accesses and analyzes centralized operational data. In essence, this is the next industrial revolution in advanced manufacturing and smart, connected, collaborative factories. This new paradigm is characterized by the action of the physical world becoming a type of information system through sensors and actuators embedded in objects and linked through networks. Beyond having the potential to completely change material and manufacturing processes, Industry 4.0 is expected to contribute to more efficient operations by aggregating data across all facilities, letting companies monitor, measure and improve performance. 

This digital transformation introduces new generations of intelligent solutions and integrates these solutions into existing manufacturing processes and technologies including SCADA/ICS and PLCs. In many cases, this collection is controlled by a manufacturing execution system (MES), which is tightly integrated into the manufacturing organization’s ERP system.

See also: The Rules of Digital Transformation

The Threats Grow

Unfortunately, this pursuit of improved operations comes with an unintended consequence: a widening security gap. As manufacturing has become more connected, the threat surface—the collection of points an attacker can use to try to gain access—has increased substantially and now extends from endpoints and networks into cloud services. In fact, the entire manufacturing process (and, by extension, the company that depends on that process running effectively) is more vulnerable to cyberattacks. From opportunistic attacks using commodity malware as a service, to sophisticated hands-on-keyboard attacks that surgically evade defenses, to advanced persistent threats that can operate for years undetected, to industrial espionage using legitimate credentials harvested from phishing campaigns—the list is long, and the consequences can be devastating. 

Modern threats can readily bypass legacy antivirus solutions and take advantage of vulnerability windows. Organizations need solutions that can harden endpoints, prevent polymorphic malware and fileless attacks, mitigate malicious code execution and provide investigation and remediation capabilities with dynamic response to security incidents. 

As the knowledge of the growing threat landscape solidifies, tension develops between two core factions: OT and IT. Security was a distant priority when vendors created their new OT solutions, yet IT understands the security risks and best practices and wants to take the time to do things as safely as possible. OT is under pressure to hit targets and can feel like IT is slowing them down by unnecessarily overstating the risks. Plus, manufacturers must grapple with systemic vulnerabilities in operating systems and control systems. For instance, it’s important to recognize that many industrial communication standards don’t even consider security because they are based on the old firewall model of complete trust within the network. 

But from the shadows comes a third party: attackers. These bad actors see highly connected, unprotected systems built by vendors that know very little about system security and that are content to pass risk to their customer—the manufacturing organization. 

Additionally, the supply chain is vulnerable. As trusted partners, third-party vendors often become the overlooked or unwitting accomplice in criminal activities. A Spiceworks survey of 600 IT and security decision-makers that asked about supply chains highlights this risk. 

While the majority of respondents felt confident in their vendors to keep data safe, nearly half (44%) of firms had experienced a significant, business-altering data breach caused by a vendor. Human error and stolen passwords accounted for 26% of the breaches, while malware played a key role in half of the attacks. 

While past attacks against major manufacturers and industrial facilities were espionage believed to be sponsored by nation states and based on ideology, many of the latest attacks are the work of cyber criminals motivated purely by profit. Of course, criminals don’t need to shut down a facility to extract payment. In many cases they exfiltrate sensitive information (trade secrets, proprietary data and intellectual property, financial details, private emails, account credentials) and then threaten to release it publicly if a ransom isn’t paid. In some cases, attackers have even weaponized regulations like GDPR, which impose fines when breaches compromise personal information. 

See also: Will COVID-19 Be Digital Tipping Point?

As operation and information technologies converge following an almost predictable path of profit-driven natural selection, the leaders of each group have yet to attain a similar level of integration. The operational groups lack the security expertise of their IT counterparts, and IT experts are often excluded from operational decisions, creating an inherent vulnerability that reaches to the top of the organization.

Cybersecurity is not an IT problem to solve; it’s a business risk to manage. Until manufacturers realize that OT and IT are not in competition with each other, they will remain easy prey for cybercriminals who recognize this philosophical flaw and are willing to exploit it.

innovation

Does Your Culture Embrace Innovation?

Why does it matter whether your organization embraces innovation by design? We are at the beginning of an era where the confluence of increasingly powerful computing capability, ease of starting a tech-intensive firm and massive data in a deeply networked world will drive more innovation more broadly than ever before. The rate of change and, indeed, the speed with which new incumbents enter markets and existing players fail will only increase. This means innovation must become part of a company’s fabric and its culture to ensure success.

Looking over the past 20 years to gain a better view of the next 20 years, there are three things that stand out, are surprising and are instructive.

  1. Science, geo-politics, sports, weather, information technology and cyber are all areas full of events that, a year or two before the “event,” prominent insiders would have said were not in the realm of possibility—they were not just unlikely but impossible, if not loony.
  2. While impressive, the huge growth and acceleration we have seen in information technology, social media, mobile, big data, several areas of science and cyber all exhibit patterns of the beginning of something—not a pattern of stability, maturation or, even, peaking. The amount of data, the amount of IP-enabled nodes and the throughput cost of computing could all scale 100 – 500 times in the next decade, making today just the beginning of a hockey-stick-like curve.
  3. The simple truth, threat and opportunity is that the rate of change is increasing across all areas of life while the scale of change is expanding.

What does all that mean? One thing is certain: Being agile is not enough. Those who effectively embrace innovation at an organizational (if not cultural) level will fare better than those who do not. Indeed, if this is the beginning of accelerating rates of change with massive outlier impacts, then driving innovation pragmatically across an organization is imperative.

See Also: Innovation Trends in 2016

If, from the top, the mission for everyone in an organization includes being innovative, this can become part of the fabric, the culture of the organization. Businesses that effectively embrace innovation at a cultural level will fare better than those that do not.

Still, there is a massive amount of fog surrounding the word “culture.” I often hear it is the insurmountable obstacle to innovation at scale and pace.

One Fortune 500 Example: Motorola

In the early 2000s, I was an officer with tech and business responsibilities at Motorola. The culture was largely internally focused, obsessed with continuous (often marginal) improvements, in love with engineering and intellectual property (IP) filings and not necessarily the monetization of IP. It was a family-oriented culture with, literally, generations of the family working at the firm. But the firm was failing.

The board brought in a new CEO from Silicon Valley, and we changed the company culture radically in 18 months. We did six simple things, instigated and championed by the new CEO:

  1. Clearly communicated a broad new mission about being externally focused, fast-paced, innovative and customer-centric
  2. Set out the behaviors that we expected and that the company would reward, as well as behaviors we would punish
  3. Continually “sold” (over-communicated) the rationale of why we were changing
  4. Made sure rewards and punishments were publicly meted out to support the new direction
  5. Matched structure to mission and talent to task; (when the game changes from soccer to rugby, not all team members have a role despite prior excellent performance)
  6. Eliminated active objectors and passive resistors who simulated support but were not rowing the boat (a third of the top 120 executives changed in about 12 months, mostly for this reason)

Motorola changed its culture and performance radically in 18 months. We released the breakthrough RAZR phone, which became the best-selling phone of all time. IT, for example, became a platform for tech breakthroughs and even had a venture arm for emerging tech.

Unfortunately, shortly after that, Apple made a thing called the iPhone, we made some very bad leadership talent decisions and we backed hardware over software in our largest business unit.

No amount of motivation or positive innovation culture will save you from a bad strategy that is married to poor talent decisions in key posts, compounded by groundbreaking, world-class competition.

Cultural obstacles

A well-communicated mission, backed up by clarity on what garners rewards and punishments, is key. The rewards and punishments must be broadly, consistently and continuously meted out for the behaviors that merit them. This will drive the behaviors in the organization. Lots of organizations get the reward part generally right, but they fail miserably on the punishment side, then wonder why they have cultural obstacles.

Done properly, rewards and punishments drive the behaviors inside your organization. The sum of those behaviors is your culture. 

Tips for building an innovation culture

Innovation must be about both big and small innovation, not just breakthroughs. Almost all organizations have an untapped wealth of innovation they can access by just eliminating the longstanding negativity that confront the rank and file daily. The front-line person in accounts payable and customer service or the distribution center in Managua may have process ideas that are innovative and high-impact for the whole organization.

See Also: Tech Innovation Is No Longer Optional

The simple question, “What really dumb stuff do we do around here?” in the right penalty-free environment usually unleashes a torrent. But without a culture of innovation, small, incremental, continuous improvements lie dormant.

Idea platforms and innovation/suggestion processes are all well and fine, but they should live inside an innovation culture where everyone thinks it’s part of their individual mission, with the underpinning or institutional agility and continuous improvement that goes with it. Again, you are not asking each person to reinvent Google, Facebook or the low-cost Fusion; you are rewarding them for innovative improvements.

To keep up with the changing external environment, an organization must be adaptable, agile, great at managing change and effective at the necessary but mundane underlying program management. An organization must also be deeply externally aware and manage emerging potential challenges, opportunities and threat profiles as far in advance as possible. No culture can remain innovative if it is internally focused and not connected purposefully to the outside world.

One simple approach to help instantiate innovation is to use “HLI” and that modern cultural artifact PowerPoint to drive innovation into the bedrock of the culture. I did this at several firms where PowerPoint was closer to an addiction than a facet of the culture. Quite simply, I insisted every program update, every group or function presentation, start with HLI.

  • H = Highlights: Show highlights of what the team did well. The real objective is to say “thanks” and acknowledge a mini win. Over time, teams start to think in terms of what they can put under ‘H’ on the front page. Accomplishment and recognition of accomplishment are necessary for a motivated environment.
  • L = Lowlights: Here you want to see some stretch, some failure. But, most of all, you want to see some learning and experimenting. By reviewing this without beating anyone up—maybe even praising the effort—you eliminate the fear. The message quickly goes through the organization that no one got killed for stretching or trying harder and occasionally dropping the ball. This also helps kill one of the most anti-innovation elements in business, the “under promise, over deliver” malaise.
  • I = Innovation: This is simply asking what you tried that was new, what you grabbed from phase two and did in phase one, what serial process you made parallel, what new method or tool you used, what you borrowed from prior efforts, etc.

If anyone shows up with a presentation that doesn’t lead with HLI, you politely cancel the meeting and get them to come back later. Over time, this creates activity inside teams so they can fill in the three sections. Teams start to have early conversations about how they are going to innovate, stretch and learn.

Innovation at scale requires change management 

There are many stories about the initial excitement of going big on innovation that are then followed by failure and disillusionment because the leadership attention waned as the novelty of the program passed and the hard work of change management, scaling and maintaining ensued.

I cannot talk about creating a culture of innovation without also teaching which change management models work best. It sounds obvious to say driving a culture of innovation is change-intensive, yet I almost never see a decent understanding of change management models and which one is most effective.

There are four basic management models:

  1. Edict
  2. Persuasion
  3. Participation (the communities of interest help define the change)
  4. Intervention (the sponsor justifies the need for change, monitors the process and communicates progress)

The change management model that has the highest frequency of success is intervention. It is at least twice as effective as the next-best model. It requires active leadership to continually “sell” the vision or plan, even while executing it. Understanding how that works and making sure everyone understands and follows the changed playbook are topics for a later article.

Suffice it to say, if you were to map the change processes at most firms, they often resemble spaghetti–an inefficient, unintended, sub-optimized maze. The majority of large tech-intensive programs are late, over budget, deliver less than promised or all of the above. Most companies have never mapped their processes and assume all is well.

Bottom line

Creating a culture of innovation inside a supporting ecosystem with a modicum of useful tools and the right leadership can lead to great success. Innovation is a pragmatic, broad-based journey, not a fad-centric exercise. Done well, innovation is the key to being effectively agile, and it is a concrete force multiplier. It very well may be the only sustainable competitive advantage over the next decade.

Do you have a culture that can innovate broadly, or do you have a silo-ed innovation team or champion or campaign?

How Work Comp Can Outdo Group Health

We all know the current healthcare system in the U.S. delivers erratic quality at unsustainable, yet ever-increasing, costs. Workers’ compensation medical care is affected by those costs. 

A major shift in the health industry, value-based healthcare, will benefit workers’ compensation. Embracing selected new medical management methodologies put forth in value-based healthcare has the potential to be powerful.

Value-based healthcare means restructuring how medical care is organized, measured and reimbursed. It moves away from a supply-driven system organized around what physicians do to a patient-centered system organized around what patients need. The focus is shifted from volume and profitability to patient outcomes (quality care). When fully implemented, the overall impact will be nothing less than staggering.

Porter and Lee, healthcare industry strategists at Harvard, have described six value strategies necessary to achieve healthcare industry transformation. Many of the changes are now underway in ACOs (accountable care organizations) such as the Cleveland Clinic, proving the concept. These defined initiatives produce desired results—quality care at less cost. 

Six components of value-based healthcare

The following briefly describes the methodologies necessary to transform healthcare, according to Porter and Lee.

  1. Integrated practice units (IPUs)—meaning multiple specialists practice together, resulting in comprehensive and integrated medical care rather than fragmented, duplicated services
  1. Measure true outcomes and costs for every patientWhen outcomes are measured and reported publicly, providers are under pressure to improve. Fraud and self-dealing are reduced.
  1. Bundled paymentsPayment bundles are capitated single payments for all the patient’s needs during defined episodes of care, such as specific surgical procedures. Providers are rewarded for delivering quality while spending less.
  1. Integrate care delivery systemsServices are concentrated and integrated to eliminate fragmentation and to optimize the quality of care delivered at any given location.
  1.  Expand geographic reachCenters of excellence are developed where expertise is gained through higher volume of similar procedures.
  1.   Information technologyData mining powerfully enables the first five initiatives and informs services and decisions.

As Porter and Lee say, “Whether providers like it or not, healthcare is evolving from a proficiency-based art to a data-driven science, from freelance physicians to hospital-employed physicians, from one-size-fits-all community hospitals to vast hospital networks organized around centers of excellence.”

Value-based medical management in workers’ comp

The goal of value-based medical care is to enhance quality outcomes for patients (injured workers) while reducing costs. Focusing on quality (what the patient needs) actually reduces costs.

For group health, the measures are physical and philosophical, requiring widespread disruption in how services are organized, delivered and reimbursed. However, workers’ compensation payers can benefit by incorporating three of the six value measures into their medical management process now.

  1. Measure true outcomes and costs for every patient (the injured worker)

Physician performance is scored based on injured workers’ experience and outcomes along with cost. Providers who score poorly can be avoided.

  1. Bundle payments

Bundling is capitating payments for all the services required for procedures such as specific surgical procedures, including all associated pre-op and post-op care. The costs are kept in line because providers need to stay under the cap to be profitable. They also focus on quality, because re-dos, redundancy and complications add cost to the service bundle, thereby diminishing profits. Prepare to see bundled payment options available to workers’ compensation sooner rather than later.

  1. Information technology

The data in workers’ compensation, while in silos, is all organized around individual claims and injured workers. When the data is integrated at the claim level, patient experience, provider performance, outcome and cost analysis opportunities are unlimited. The more comprehensive and accurate the data, the greater the opportunity for gain.

Those who cling to traditional seat-of-the-pants medical management will be left behind. Those in group health may be hampered by slow regulatory change, organizational upheaval and resistant providers, while workers’ compensation payers are free to adopt transformative value measures now. Organizations that progress rapidly to implement the value agenda will reap huge benefits.

7 Ways Your Data Can Hurt You

Your data could be your most valuable asset, and participants in the workers’ compensation industry have loads available because they have been collecting and storing data for decades. Yet few analyze data to improve processes and outcomes or to take action in a timely way.

Analytics (data analysis) is crucial to all businesses today to gain insights into product and service quality and business profitability, and to measure value contributed. But processes need to be examined regarding how data is collected, analyzed and reported. Begin by examining these seven ways data can hurt or help.

1. Data silos

Data silos are common in workers’ compensation. Individual data sets are used within organizations and by their vendors to document claim activity. Without interoperability (the ability of a system to work with other systems without special effort on the part of the user) or data integration, the silos naturally fragment the data, making it difficult to gain full understanding of the claim and its multiple issues. A comprehensive view of a claim includes all its associated data.

2. Unstructured data

Unstructured documentation, in the form of notes, leaves valuable information on the table. Notes sections of systems contain important information that cannot be readily integrated into the business intelligence. The cure is to incorporate data elements such as drop-down lists to describe events, facts and actions taken. Such data elements provide claim knowledge and can be monitored and measured.

3. Errors and omissions

Manual data entry is tedious work and often results in skipped data fields and erroneous content. When users are unsure of what should be entered into a data field, they might make up the input or simply skip the task. Management has a responsibility to hold data entry people accountable for what they add to the system. It matters.

Errors and omissions can also occur when data is extracted by an OCR methodology. Optical character recognition is the recognition of printed or written text characters by a computer. Interpretation should be reviewed regularly for accuracy and to be sure the entire scope of content is being retrieved and added to the data set. Changing business needs may result in new data requirements.

4. Human factors

Other human factors also affect data quality. One is intimidation by IT (information technology). Usually this is not intended, but remember that people in IT are not claims adjusters or case managers. The things of interest and concern to them can be completely different, and they use different language to describe those things.

People in business units often have difficulty describing to IT what they need or want. When IT says a request will be difficult or time-consuming, the best response is to persist.

5. Timeliness

There needs to be timely appropriate reporting of critical information found in current data. The data can often reveal important facts that can be reported automatically and acted upon quickly to minimize damage. Systems should be used to continually monitor the data and report, thereby gaining workflow efficiencies. Time is of the essence.

6. Data fraud

Fraud finds its way into workers’ compensation in many ways, even into its data. The most common data fraud is found in billing—overbilling, misrepresenting diagnoses to justify procedures and duplicate billing are a few of the methods. Bill review companies endeavor to uncover these hoaxes.

Another, less obvious means of fraud is through confusion. A provider may use multiple tax IDs or NPIs (national provider numbers) to obscure the fact that a whole set of bills are coming from the same individual or group. The system will consider the multiple identities as different and not capture the culprit. Providers can achieve the same result by using different names and addresses on bills. Analysis of provider performance is made difficult or impossible when the provider cannot be accurately identified.

7. Data as a work-in-process tool

Data can be used as a work-in-process tool for decision support, workflow analysis, quality measurement and cost assessment, among other initiatives. Timely, actionable information can be applied to work flow and to services to optimize quality performance and cost control.

Accurate and efficient claims data management is critical to quality, outcome and cost management. When data accuracy and integrity is overlooked as an important management responsibility, it will hurt the organization.

Modernization: IT Enables the Future

Finance functions and actuaries face regulatory pressure to enhance reporting, markedly improve response times and provide increasingly demanding business partners with better and more actionable information about their businesses. Advanced analytics from IT improvements will help achieve the strategic objectives.

Naturally, insurers should provide themselves with the best reporting platform they can reasonably afford. However, unlike in years past, cutting-edge reporting is just table-stakes, not a competitive advantage. Rather, competitive advantage will come from:

  • An information strategy that enables transparent and compliant financial analysis and facilitates the ability to make informed business decisions.
  • Information management capabilities that are foundational and support finance (broadly defined) and the business overall.
  • Establishing a clear and practical vision: Identifying what will make the vision a reality will enable organizations to create a road map for change.
  • Gauging the appropriate spending rate to determine how quickly the company can implement the roadmap.

Companies that do not go beyond their reliance on core reporting systems for their financial insight will be at a competitive disadvantage. There is no silver bullet for building needed capabilities, and companies will need to rethink their IT portfolio allocations and approach to spending. A steady investment will help companies build their strategic information infrastructure and effectively assess their needs on an iterative basis.

The case for change

Many insurance companies have invested in cleaning data for the purpose of reporting and analysis. Whether your company has started doing this or not, the following are important considerations to keep in mind:

  • No organization has the financial resources to cleanse and array all the data and information it may ever want and make it available whenever it wants it. Efforts to boil the ocean fail.
  • Companies will need to build capabilities in three areas:

–        Develop focused information strategies to support actuaries, financial executives and the other people in the organization who rely on financial and reporting information.

–        Frame the future-vision build and fund a flexible road map for implementation. Ensure that the road map prioritizes the most important things first and that it can change to meet new demands and realities as they arise.

–        Manage data and information, including data ownership, data governance and the ability to cleanse and provide the data in such a way that it can be presented in advanced tools and manipulated by end-users, while maintaining integrity in the source-information.

  • Companies currently spend a great deal of time and money on information management, but the information tends to reside in disconnected platforms, projects, data-bases and tools. Investment levels need to match the company’s vision, and there needs to be an organizational awareness that combining disparate efforts into a cohesive information strategy can partially offset high costs.
  • While finance and actuarial are the primary drivers of insurance modernization because of their needs to report and book results, there is a related need for all business partners to supply, receive, analyze and explain financial and related operating data.
  • Furthermore, insurance modernization will create the foundation for an enterprise-wide range of data and analytics. HR, marketing, customer, distributor and operations information and analytics all will rely on the same core capabilities, disciplines and infrastructure. A uniform approach is what will provide a real competitive advantage.

Characteristics of a modernized company

In a modernized company, a synergy of efficient, well-tuned processes with clearly defined expectations by stakeholder group exists between the risk, finance, actuarial and IT functions.

  • Data – Data strategy is defined, and the organization executes its responsibilities according to this strategy. Rather than the traditional bottom-up data approach where the analysis capabilities flow from the collected data, data is strategically viewed top-down. The company identifies analytical needs and then adopts a data strategy that supports them. In a modernized company, data flows from a “single source of the truth” and can be extracted for analytical purposes with minimal manual intervention.
  • Tools & technology – Tools and technology enhance the effectiveness of the finance and actuarial departments by providing them information faster, more accurately and more transparently than traditional ad hoc, end user computing analyses (usually performed in Excel). Specifically, tools that focus on data visualization can more effectively convey trends and results to management. Algorithms can be programmed to automate first-cut reserving analyses each quarter based on a rules engine (e.g., how loss development factors are selected or weighting methodologies), which can help point staff to business segments that may require deeper analysis in the quarter.
  • Methods & analysis – Modernized organizations emphasize robust methods and analysis that yield superior insights over traditional methods. Examples include predictive analytics, which have transformed personal lines pricing and are currently being adopted in the commercial arena, and stochastic analysis, which adds additional statistical rigor to deterministic analysis and thereby helps actuaries transparently prepare reserve range indications that help management understand reserve risk.
  • Organizational structure – Delivering superior business intelligence to management is often dependent on organizational structure and resources, and many companies are debating the merits of centralized, decentralized or hybrid organizational structures. PwC believes the organization of the future will align its capabilities as much as possible with the end-user, with IT serving as a backstop that can provide what end-users need.
  • Spending – A concerted, cohesive insurance modernization program will require a change in the portfolio spending on information management. Spending will change from covering disparate efforts to strategically aligned ones.

The benefits

The primary benefit of insurance modernization is better and more responsive reporting, actuarial analysis and the ability to support financial decisions. The second, and perhaps more critical benefit, is improved analytics and decision making for the rest of the organization. More specifically, insurance modernization:

  • Aligns data management initiatives and governs the success of their implementation by clearly articulating both the company’s strategic mission and a measurable definition of success.
  • Aligns projects and initiatives with desired outcomes by creating a road map with measurable milestones from vision to project completion.
  • Facilitates prioritization of capabilities and initiatives based on overall goals and objectives, as well as realizable benefit.
  • Measures the business value of initiatives and projects by linking desired outcomes (goals) and measuring progress against objectives.
  • Enables measurement of program progress during rollout and informs the release planning and investment process by linking performance indicators and objectives.

The thought of potentially overhauling entire systems, processes and functional areas may understandably seem overwhelming for company executives as they set out to modernize their organizations. Modernization, indeed, is a long journey that will most likely have a high price tag. However, even if the ideal goal of modernization is holistic improvement, there is value in identifying the individual areas that most need modernization. As one area becomes more streamlined and efficient, then other areas will begin to reap the benefits.

Critical success factors

Business leaders are frequently frustrated by the fact that tactical initiatives’ results do not reflect their organizations’ mission or vision. Frequently, strategic goals are mistranslated or forgotten when it comes to defining and developing how to achieve them. In addition, efforts to improve organizational effectiveness tend to focus narrowly on the execution of existing tasks. As a result, functional improvement efforts often fail to result in meaningful benefits for the organization overall.

Strategic business architecture (SBA), which we advocate using, translates high-level business direction into tangible goals and objectives. SBA documents business-driven priorities and decisions and aligns projects and initiatives with desired outcomes. As a result, business and technology leaders can prioritize initiatives and measures their progress.

At the same time, operational business architecture (OBA) documents how functions and the overall organization realize business strategy and goals. OBA helps improve the functional core by identifying relevant stakeholders within the context of the larger architecture. OBA aligns operational stakeholders in a consistent way with the strategic and technical stakeholders that may not be involved in a given functional or process improvement initiative.

Call to action – Next steps

Insurance modernization is not about technology modernization for its own sake. It is about how technology can enable risk, actuarial and finance to share a “single source of the truth” and serve the entire enterprise with consistent, actionable information.

Strategies to realize effective organizational modernization will require a holistic consideration of all data, methods/analyses, tools/technology, processes and human-capital requirements and will need to address the business and operational changes necessary to deliver new business intelligence metrics. Any weak links between these closely connected components will limit the effective realization of a modernization effort.

If we view dimensions of insurance modernization as gears that spin together (i.e., efficiencies/ inefficiencies in one dimension(s) have repercussions for other dimensions), then improvements in any dimension will yield improvements in all dimensions and vice versa.

Although a modernization vision should be holistic to avoid “digging up the road multiple times,” it is possible to tackle modernization issues in logical, progressive ways.