Toll Free: 866-434-3561 SUPPORT

Including Vulnerability and Velocity in Risk Assessments


Including Vulnerability and Velocity in Risk Assessments

There are several categories of risk that insurance companies should be monitoring to identify potential exposures for loss. Some of these categories include the risk of sickness, risk of unemployment, liability risks, catastrophic loss risk, and risk of death. However, there are two additional areas that should be included in risk models: vulnerability and velocity. Without these two components factored in, a risk management model could be inaccurate and ineffective.


Whether risk assessment is being monitored by smaller insurance companies or public risk pools, vulnerability and velocity monitoring can make a significant difference in risk exposure. For this reason, it is important that insurance software solutions include applications for measuring these components.




Vulnerability is defined by the Committee of Sponsoring Organizations of the Treadway Commission as the “susceptibility of the entity to a risk event in terms of criteria related to the entity’s preparedness, agility, and adaptability.” Without the inclusion of vulnerability in a company’s risk assessment, a particular area may be excessively elevated or, inversely, insufficiently shown. Including vulnerability can better allow companies or public risk pools to gauge the extent to which risk exposure exists for a given event and make proportionate provisions to protect the entities’ assets accordingly.




Velocity refers to the speed of time that elapses between the manifestation of a risk event’s occurrence and the actual impact of the event that is felt by the entity. Including velocity in a risk management assessment enables insurers to measure a reasonable preparation and mitigation time span and thus minimize to the greatest extent possible the negative impact on company resources.


Vulnerability coupled with velocity in a risk assessment adds greater depth than the traditional two-dimensional formula of likelihood x impact. These factors can dramatically change the risk score by showing how quickly the impact is likely to affect the company as well as the degree to which the entity is vulnerable to the type of risk being analyzed.


Including vulnerability and velocity in a risk management program not only better aligns an insurer’s position as far as exposure to the potential for disaster, it helps in the strategic planning process for response and mitigation and should be included when considering insurance software solutions for the future.


How the Cloud will Revolutionize the Insurance Industry


Once considered nothing more than a futuristic concept, cloud computing has not only become a standard term used among business professionals, it is changing the face of the insurance industry as well as the insurance software vendors who provide it. While most of the information about cloud computing tends to concentrate on how it affects a company’s IT department, the possibilities extend further into other aspects of the business.


As access and standardization of internet technologies have progressed, so have the advantages of utilizing the cloud for small to medium-sized insurance companies. Just as social media and other applications have become popular for managing information on a personal scale, the growth of the infrastructure of the internet has resulted in the emergence of data service providers with far-reaching capabilities for insurers.


By taking advantage of this type of technology, small insurers can implement systems that rival the in-house enterprise insurance software that larger insurance companies use with comparatively little up-front capital investment. Additionally, these systems can be acquired and implemented in a relatively short period of time with a lower ongoing cost.


There are four levels in which the cloud is helping insurance companies transition from traditional enterprise insurance software: (1) Infrastructure level; (2) Platform level; (3) Application level; (4) Business process level.


The infrastructure level allows companies to utilize basic computing resources with the advantage of greater storage capacities and bandwidth to run their operations. They also enjoy greater flexibility and ease of use than with traditional enterprise insurance software.


The platform level allows insurance software vendors to work with a company’s IT professionals to design and implement online systems in a timely manner, using the cloud provider’s infrastructure.


The application level can be thought of in two sectors. One is commonly referred to as SaaS (Software as a Service) and falls within the scope of CRM (Customer Relationship Management). The second sector deals with the development of desktop tools such as word processing, spreadsheet applications, and communications such as e-mail.


The business process level encompasses an entire business process using an externally provided service via the internet. This level manages all aspects of the insurance business including sales leads, claims processing, accounting, analytical reports and the identification and management of cross-selling opportunities.


The main challenge facing smaller insurance companies when it comes to using the cloud is not a lack of interest. It is inexperience. Fortunately, there are companies that are stepping into the shoes of insurance software vendors to ease the migration of applications and services to the cloud.