Given the ever-changing risk scenarios in Enterprises, Enterprise Risk Management (ERM) has been rooting well in the corporate culture. Risk can be of any form in policy management, policy implementation, operational management, physical and application security and so on. ERM implementation to UHG is more like discipline rather than quantifying issues. UHG’s dynamic policy management to create a robust environment takes precedence in the list. UHG has been phenomenal in promoting risk assessment tools to analyze and mitigate risks at every stage of operational activity.
UHG also set the right examples for other businesses irrespective of its type with its methods, like integrating ERM at C level for decision making. Though, UHG operates with multiple businesses under different names ERM implementation was not so trivial. This article deals with the successful implementation of the ERM in United health group (UHG). Some key driving attributes like governance, transparency, decision making etc. accounted for success will be discussed in this article. In addition, we will also deal with specific instances which turned the tables in favor of UHG during ERM implementation.
Enterprise Risk Management (ERM) is one of the critical foundational blocks for business development. In early 90s companies focused on result-oriented approach for business expansions. Contribution of finances is more focused in marketing rather than product development. There are various stages to take a product into market. For example, consider an insurance policy for less than $100. So, the usual approach is to makes sure people know about it with aggressive marketing.
Obviously, there will be a huge growth in insurance policy sales as it is cheap and affordable to lower middle class which covers more than 40% of the population. When you get a policy for such an affordable rate people don’t generally look for coverage details, they ditch their previous vendor for this new cheap policy. The important thing is, an enterprise may do this to attract a large customer base. But, a promise comes with a problem. Key issues arise when a customer is ready for a claim. False claims, improper coverage, litigations, improper customer support. Few of these may lead to a scenario where it affects the brand value, and at a point it leads to a magnanimous failure. The reasons may seem simple, but, the failure is because of some key decisions by teams without proper risk analysis. Risks are quite common, developing a risk-free policy is not possible and no one can be blamed, but failure to accept the risk and lack of proper mitigation during crisis is a huge mistake. There are n number of governing agencies which drive different businesses. The goal of governing agencies is to set standards and principles to be followed by enterprises. In simple words they act as a bridge between the corporate and free world. Strategic business development, Risk assessment, Performance indicators, Decision making hierarchy, time bound policy reviews are shaping the 20th century corporate culture. There are some popular frameworks like ISO 31000, Committee Of Sponsoring Organizations (COSO) which primarily focus on key areas like Risk Identification, Risk Analysis and assessment, Risk Control by Monitoring. Qualitative and Quantitative analysis at every stage of product development to product readiness. Practically, 100% risk free method isn’t possible, but, quantification of the process and methods is possible.
UHG is a medical insurance company with many companies under its wings. With thousands of employees UHG will have a herculean task to maintain it posture in the market. Insurance based companies rely on financial work flows and customer management. It is quite important for UHG to develop business with compliance as many regulatory agencies will focus if business follows frameworks like PCI, SOX, HIPAA. Only 10% (Management) of all the employees focus on business and the rest 90% focus on specific task completion. Management had to work on long term goals, products, employee satisfaction, customer satisfaction, financial expenditure, compliance, training and personality development and everything that keeps the business live in market. Also, it is common to have issues if there are no proper frameworks, guidance and right decisions. ERM helped in enhancing governance on key areas and injecting it as a culture deep into the employees. Decision making is key as it involved factors internal and external to the environment. UHG had made meaningful contribution in developing teams under Chief Risk Officer (CRO) to oversee and institutionalize Risk monitoring as an operational activity. CRO was made responsible to adopt ERM policies and integrate it as a philosophy. Teams under CRO built strategic regulations to product development, value capitalizations, approval hierarchy, time bound tasks with monitoring capabilities, infrastructure security. Risk is different at technology level and business level. ERM teams quantified these gaps though corporate drives key processes.
There is no clear base structure to identify how many prefer brand over quality, but, it is quantifiable to tell how many prefer both. UHG management has been instrumental in creating a value to it’s name. All ERM had done is to make sure it is maintained and grown exponentially. Though being in industry for a long time had attributed to its success, ERM helped in taking it a step further. ERM team had worked extensively on situational awareness and operational governance. Customers are key to any business, fate of a product relies on customers who primarily have issues in understanding products and seek support for better awareness. ERM teams made sure to have 24/7 support to assist customers and escalation of issues as per hierarchy to make sure customer is always satisfied. Operational alignment with managerial teams helps in quick resolution of issues. Transparency is on of the key factors in business alignment. Establishing accountability for known risks which could potentially impact UHG helps in bridging the gap between management and employees. UHG created a “Risk Universe” to assess different risks across various portfolios. This universe helped as a common literature to Board, governing agencies (auditors) which helps in amalgamating risk types across the enterprise.
Project pace – UHG reduced its pace on project implementation before they take off. This allows Business to analyze key factors which could be potential risk. There will always be something which will be right under our nose which could go wrong like engaging right people, involving business partners.
Quantifiable Risks: we may not find a solution for each risk that we take at a stage. We should follow standard procedure for every task keeping business in loop by smart work. UHG’s risk universe helped in standardizing a procedure for all risks. We cannot dig deep on first day.
Best practice development: It is important for business to estimate the financial growth and product growth at every quarter. At UHG, Auditors along with top tier management included risk assessment as a key attribute to growth and formulated certain best practices in key areas while making sure goals are in line with progress.
Risk team: Though risk teams are new, UHG adopted a policy to give fee hand to these team for developing strict policies and procedures. Team members come from various field to provide expertise and make best use of analytics. It is quite evident they need to work more often with third party companies who specialize in different portfolios. They indeed play a key role as the assessments and review mainly depend on these statistics. Teams should be diverse enough to keep an eye on changing markets.
ERM culture: Adopting something new is always tough because of new best practices. CRO’s often insist on simple policy management so that employees are inline with management’s new efforts. Definite programs with themes that might attract employees and other business partners which instills confidence.
Education and Training: Employees are the basic building blocks for an enterprise. Employees should be included in this new adoption. Regular training on security development procedures will have long lasting effects. New policies and procedures should be available to every employee at all time for easy implementations.
Security to own technologies – infrastructure development and protection, providing security measures to databases and patent rights.
Physical and Virtual Infrastructure Security:
If we call all other KPI’s as heart. Infrastructure security is the soul. Whatever we do in an enterprise it is part of the physical hardware protected in a secured location. With the growing security concerns in the present world it is quite evident that every access can be broken indefinitely. Security to these appliances or devices should be protected in secure locations. Audit and compliance are must needed in infrastructure development. Information technology domains spend a considerable finance for infrastructure development. UHG needs to be PCI, PII, HIPAA compliant as regulatory agencies are quite strict with database containing customer personal information. Perimeter needs to be secure with proper architecture including firewalls, Intrusion prevention and Detection systems (IDS/IPS). Public internet facing zones should be protected with multi-layer security and should be resilient in case of attacks. Apart from physical infrastructure with the advent of hybrid cloud computing and storage need to protect IHG cloud-based services hosting databases with customer information were protected with cloud security services has become a big concern because of limited finances and lack of technological progress. ERM played a key role in pointing these deficiencies as key issues and matters of concerns. Initially ERM developed a plan to work on core network build which strengthen the network perimeter. After working on first line of defense, focus was laid on re-building the architecture with new age technologies like next-generation firewalls and cloud based multi factor authentication. Most of the servers and zones are open initially, but as a part of the ERM plan, multi factor authentication has become mandatory to most of the infrastructure access. Traffic from every end is being monitored through syslog servers to provide visibility to various teams. ERM teams were quick in operationalizing the network infrastructure to work on key network issues.
ERM team work is the main essence for United Health Group success even with multiples businesses. Quantifiable solutions through strict governance has been the corner stone for their success. UHG was never old fashioned in market and continued to evolve to new age decision making process and integrating risk management into the process. ERM made sure to have a “no surprise business environment”. Business needs grow day by day and UHG was able to accommodate demands with zero risk policies. Operationalizing and continuous monitoring are key blocks which attributed to ERM development in UHG. Employees were involved in decision making through small groups and reviews were never neglected. Marketing make take the product into market, but employee reviews takes the business into market. Culture was so deep that every employee feels responsible and concerned about various issues. This itself defines the evolution of ERM as a philosophy in the organization.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download