Internal Auditors in Insurance Sector have greater role to play in major IT Projects

Internal Auditors need to get involved earlier in major IT projects to stem a considerable waste of time and financial resource in the insurance sector, according to new research from accountancy firm PKF Littlejohn.

In a study of 50 insurance companies and brokers, PKF Littlejohn found that the insurance sector was failing to effectively implement IT change management projects, leading to user dissatisfaction, cancelled projects and poor returns on investment. 

Despite 83% of respondents having a formal IT change management framework, all of those surveyed experienced significant time and cost overruns in major IT projects at least once in the past three years.  Almost a quarter stated that all of their major IT projects overran significantly on timescale and cost during this timeframe.

Moreover, over two-thirds of organisations revealed that that they had cancelled at least one major IT project once it had got underway.  User satisfaction for those projects that did make it through to conclusion averaged 60%, according to the study, suggesting that there is considerable scope for improvement.

Despite these low success rates, the authors found that only a quarter of respondents indicated that that their Internal Audit teams were always involved at an early stage of planning and implementation, with a similar proportion stating that they were never involved.  

The survey also revealed that about half of the respondents felt that Internal Audit should be more involved in such initiatives but were hampered by a lack of resources.

Ian Singer, a partner in PKF Littlejohn’s Internal Audit team, said: “IT change management is a risky and costly business for many insurers and brokers, and everyone has either experienced an IT project disaster first-hand or knows of a calamitous occurrence elsewhere.

“While there are many reasons why IT projects fail, there are a number of simple questions that can help to identify possible weaknesses and increase the likelihood of success.  Internal Audit should act as an early warning system in this regard, highlighting areas of concern that can be addressed before it’s too late.

“There is also a role for Internal Audit in ensuring that the necessary controls are in place from the outset and that rigorous testing is undertaken post-implementation.

“The insurance industry needs to look again at how it manages major IT projects.  A relatively straightforward change – namely early intervention by Internal Audit asking the right questions – could make a significant contribution to improving the chances of a successful project, potentially saving the sector millions of pounds a year in wasted time and money.”