IT Solution For Inshore Insurance Ltd

Research has concluded that the timing and location of the crimes and accidents which result in personal, vehicular and household insurance claims have a direct relationship to the frequency and cost. The IIL Board has directed IT to provide IT solutions sufficient to prepare for the next budget cycle due Q4 2016. A Statement of Work has been completed and preliminary estimates for the work has been included in the 2016/17 budget of $1.35 million.

Scope
The IIL Board seeks a high level analysis and recommendations for the IT solution. It is assumed at the outset that the current IIL Risk Analysis Product (RAP) application will provide the necessary functional processing services. The applications impact analysis will be a separate project. RAP is hosted on the current virtualised in-house platform in the IIL data centre. The solution must define a single platform to support a large volume of primary and generated data sourced from existing in-house and cloud platforms.

Storage Requirements  Key factors: (note changes to factors)
? Highly sensitive competitive and personal private data
? Very large volumes of data, low transaction volumes
? Restricted number of users (six users only in HQ)
? Restricted report distribution (six users and CIO)
? Episodic localised workday access only
? Limited performance expectation
? RAP may comprise online and some batch (overnight) processing based on priorities of jobs.

Capacity Data: (note changes to estimates)
? Estimated database size 10TB growing at between 50% to 70% pa
? Service extension for end of 2017 for new Location Intelligence initiatives will initially add a further 10TB of highly sensitive data
? Data retention is 5yrs for personal data, 10yrs for vehicle data, and 20yrs for home data.

Platform Security:
? The highest level of storage security is provided in-house for policy data and customer information. This data has a higher level of security requirement.Archived data is at the same security level as other archived customer and business data.
Access Security:
? Less than 10 nominated users on desktop devices within HQ.
? RAP application is the only API required.
? Access and report distribution security is of equally sensitivity to stored data.
? All access and report distribution will be securely logged.

Conducting system analysis and developing requirements specification is the first step in meeting the business requirements. After a critical analysis, Inshore Insurance Ltd (IIL) realize that their current Risk Analysis Product (RAP) application has some setbacks and cannot address some of the business requirements like timing and locating crime incidences and accidents. Therefore, IIL needs an IT solution that will solve the identified problems. Data storage is one of the essential requirements that the solution should address because of the increasing amount of data that the business is handling. The institution expects that the volume of data will increase drastically and the solution should be able to operate on them using a single platform.

Solution Scope

The IIL board expects relevant recommendations and high-level assessment of the IT solution. The scope of the project is that the Risk Analysis Product that is already in place will be used to process all the required functionalities and user requests. The institution has utilized a virtualized in-house platform to host the RAP application which will remain as an independent project. The solution should also propose a single platform that will be able to process and handle huge volume of primary and generated data.

Solution Overview

The IT solution should be able to address the storage and incident reporting challenges currently faced by the institution. The volume of data is increasing and a high rate and the proposed IT solution should have the ability to generate, store, examine, manage, and archive the data. additionally, one of the key requirements that the solution should meet is the ability to record the location and time when a crime or accident occurs. It should also have access control mechanism so as to restrict the number of users accessing the system to the specified number.

Constraints

There are several constraints that is associated with the project including human resources, financial constraints, data sensitivity, and risks. Data sensitivity is an important factor that should be addressed in software development. It is the responsibility of the institution that the data collected is kept safe from any unauthorized access or external attacks to maintain privacy and confidentiality.

Benefits realization plan aids in identifying, executing, and sustaining the benefits associated with the IT solution. it is essential to have such a plan so as to give guidelines on how to achieve the project objectives and benefits. The realization plan reflects on the strategic goals that the business anticipates for instance, productivity, process improvements, quality, customer satisfaction, efficiency, revenue generation, and rate of customer growth. In project management, a threat model is a crucial tool for managing risks. Having a threat model will help the project team to identify security threats that may face the system, prioritizing them, and providing mitigation strategies. 

Exclusions

The technical details and requirements are not needed at this stage and only involves logical and conceptual design.

The actors include:

• Risk manager
• Claims manager
• Finance manager
• Customer relationship manager

 Design Overview

Solution Architecture

The solution architecture is derived from the business processes that are carried out daily by Inshore Insurance Ltd. The main process is issuing insurance to customers and in case of accidents or crimes, they raise an insurance claim for them to be compensated. A typical system architecture is shown in the diagram below: 

Solution Overview

Project Governance Process

Project governance process has since been considered a very vital part in project management. It provides instructions and guidelines on how to identify risks, prioritize them, and align them against the threat model in order to determine the level of impact. It further provides the best practices and measures that can be adopted to address these risks effectively and efficiently. Managing project risks has become of the governance responsibilities. It involves setting direction, making decisions and providing oversight. 

IT Infrastructure Solution

The solution will be defined both at conceptual and logical level. The conceptual level will provide a general picture of how the solution will work or look like while the logical level will provide a logical design that gives detailed information of how every unit or module of the system works. Both the conceptual and logical designs are necessary because they act as a guideline for the project development team and give the business a picture or design of how the expected product should operate. Logical design acts as a reference material for the software development team to ensure that all the specified requirements in the logical design have been met.

Infrastructure Security

IT infrastructure security is very essential in ensuring data privacy and confidentiality. The following are some of the security measures that can be adopted by IIL to ensure the security of the infrastructure. They include:

• Encrypting data during transmission: this involves encoding data and information being transferred over the network to prevent cyber criminals from accessing and reading por modifying the contents. Encryption is a very effective tool for transmitting sensitive information such as usernames, passwords, credit card information, and other private information.
• Installing firewall on the network: the firewall is the first line of defense to any enterprise network. A firewall is needed to ensure that no malicious traffic is allowed to get into the network. It operates by analyzing the traffic that gets into the network and filters them depending on the rules that have been set on the firewall.
• Using two-factor authentication: this is a very effective approach of dealing with unauthorized access because it ensures that other than having a password one has to use biometric details or use a code that has been sent to email or via SMS. This prevents unauthorized users who might have had access to the user’s password from accessing the system because of the need to have a different authentication procedure.
• Installing antiviruses and antimalware: the users’ computers should be installed with antiviruses to detect any malicious program that might be affecting the performance of the system, destroying files, or secretly sharing sensitive information without the users’ knowledge. Antiviruses should be updated regularly to ensure that the latest virus signatures have been captured.
• Creating access control mechanism: access control measure ensures that access privileges and user access rights are controlled and managed to ensure that users are only accessing what is relevant to them.

Application Solution

The solution is expected to be flexible enough to address the increasing needs of the business. Additionally, it should automate the insurance claim process so as to enable customers make their claims online and be able to receive notifications about the status of the claim. The software should also enable users to generate and print various types of reports including financial reports, claim reports, customer reports, pending issues among other

Data Solution

The application should facilitate structuring and classifying data for easy access and retrieval. Classifying data make the analysis process easy because data of the same class/ category can be analyzed at the same time. Additionally, there is need to have data archiving strategies. This is because even if the data is no longer usable or active, it can still serve as reference material for future cases. Therefore, the solution should provide data archiving procedures after a specific period in order to create more space for active and usable data (Margaret, 2016)

Capacity Requirements

System performance is dependent on the capacity requirements. These requirements include processor speed and type, size of the RAM, hard disk capacity, workload, operating system, and number of users (TechNet, 2014). There should be minimum requirements that should be met before using the system.

System Interfaces

The system interfaces are the first parts the users interact with. Therefore, it should be friendly and easy to use. Expected user interfaces include registration pages for registering new customers, employees, crimes and accidents, report generation, profile and claim analysis, search space, data archiving panel, and payment interface. It is recommended to keep the interfaces consistent, simple, proper use of texture and color, purposeful, and should communicate to the user on the running processes (Garrett, 2014).

Constraints

Constraints and Assumptions

The constraints include limited budget, time, and human resource. The assumptions made is that the institution has the required infrastructure to support the system and the users have the knowledge about the use of computers.

System Object Model Sub Systems

The IT solution will have several subsystems that will integrate and collaborate together to achieve a common objective. The subsystem includes finance, claims, finance and marketing, data archiving, and system administration.

Subsystem Interfaces

The interfaces that the IT solution is expected to have are:

• Customer interface- the customer should be able to register and update profile, initiate claims and view claim status.
• System administration interface- the system administrator should have full control of the system and should be able to monitor system functionalities and troubleshoot.
• Finance interface- the finance manager should be able to receive approved claims from the claim manager and initiate the payment process.
• Claims interface- the claim manager should be able to view all the customer claims, analyze them and approve them for payment or reject depending on the outcome of the analysis process.
• Sales and marketing interface- should be able to carry out advertisement, sakes, and promotion to increase awareness and market share.

Object Collaboration

Collaboration Diagrams

The IT solution is expected to ensure that the business processes integrate and collaborate together to attain the business goals. The various departments should work collaboratively to achieve business objective (Valentijn et al., 2015). Collaboration system allows employees from different departments to work together on processes and tasks that are normally inefficient and tedious if handled by one person. The application should support sharing of documents and other files like videos so as to improve decision making process. Having a collaboration system will allow employees to work remotely and provide the necessary

Access Model

In order to restrict system access, IIL should adopt access control mechanism which entails creating password policies and guidelines of creating strong password to prevent unauthorized access, controlling user access rights and management, password management, operating system access control, and privilege management.

Non-Functional Requirements

Performance Considerations

The following consideration should be made

• The capacity of the hard disk
• Size of the RAM
• Processing speed
• Operating system
• Expected number of users
• Workloads

These factors should be considered because the determine the overall performance of the system.

Design Constraints

The design constraints include (Spacey, 2017):

• Functional requirements
• Skills and expertise
• Budget constraints
• Compliance
• Non-functional requirements
• Human resources
• Time
• Test Criteria

The following test criteria will be conducted on the IT solution (Vasylyna, 2018):

• Unit test
• User acceptance test
• Usability test
• White box testing
• Black box testing
• Proof of Compliance

The solution will be regarded as compliant if it meets all the users’ requirements, business requirements, and does not infringe on the rights of any user or breaks the laws of the land.

Conclusion

When developing an IT solution, it is necessary to carry out a detailed analysis of the business requirements in order to deliver a relevant solution. identify risks and prioritizing them is also essential to ensure that the risks that the system may face have been addressed. Additionally, defining the system requirements is very essential to ensure optimum utilization and productivity. System testing is a vital process in validating if the solution has met all the desired requirements. User acceptance, usability, white box, and black box testing should be carried out.

References

Clayton, M. (2017). OnlinePMCourses | Courses to get you set for the project management career you deserve. Retrieved from https://onlinepmcourses.com/project-governance-ever-done/

Garrett, E. J. (2014). User Interface Design Basics. Retrieved October 25, 2018,

Margaret, R. (2016). What is data archiving? - Definition from WhatIs.com.

Owasp.org, O. (2018). Application Threat Modeling - OWASP. 

Spacey, J. (2017). 9 Types of Design Constraint. Retrieved October 25, 2018,

Sunusi, N., Aidawayati, R., & Irmayani. (2016). Study of Insurance Claim using Point Process Models. Indian Journal Of Science And Technology, 9(28). 

TechNet. (2014.). Estimating system capacity requirements.

Valentijn, P. P., Ruwaard, D., Vrijhoef, H. J., Bont, A. D., Arends, R. Y., & Bruijnzeels, M. A. (2015). Collaboration processes and perceived effectiveness of integrated care projects in primary care: A longitudinal mixed-methods study. BMC Health Services Research,15(1). doi:10.1186/s12913-015-1125-4

Vasylyna, N. (2018, July 20). 6 Basic Criteria For Testing Requirements.