Close

(704) 997-3238 info@techassure.com

Tag Archive for: risk management

by

Life Science: Managing Risk throughout the Regulatory Process

Medical device product development is both a complex and highly difficult process. The developer must have a vision of the desired outcome before they conduct research, development and marketing of the product and begin regulatory compliance.

Because of their nature of use, regulation and approval of the product must be met before the product’s release. The FDA’s regulation process can include a number of production “kinks” at first. The public’s safety is the FDA’s number one concern and the efficacy of the device is the second. An approval process can include an evaluation of potential risk, manufacturing processes, potential harm the device may cause, pre-market evaluation and approval, and post market evaluation. The FDA will then classify the product as a Tier I, II, or III. The device then must be put through the IDE and IRB processes. The Investigation Device Exemption allows the device developer to test the unreleased product by using it as it has been intended. The data from this test will then reveal important information which will be evaluated by a review board before entering clinical trials.

After the review board sets up a comparable clinical testing environment, the trials can then begin. The clinical trial process is divided into two sets, pivotal and pilot. The pilot phase is less stringent, testing the basic safety of use of the product. The pilot phase sets the stage for the pivotal trials which use a larger group of testers with a more extensive type of safety testing and use testing.  After the product passes these regulatory phases mass development can begin.

Product launches are a key milestone and require a great deal of risk management strategy for success.  It is important to work with an insurance and risk management firm that is knowledgeable about the life sciences industry and understands how to make risk control an important component of your overall program.  Working with a TechAssure Association member can help your firm stay protected through the rigorous regulatory process of medical device development and a new device launch.  

Please contact us to learn more about developing a comprehensive insurance and risk management program for your product development and launches.

by

Filing for a Public Offering? 5 Tips to Prepare for Public Company Status

A successful Initial Public Offering offers a sense of pride for a firm. Watching your publicly traded company’s symbol flash across the ticker is an elevating experience. But what additional risks does your company face after an IPO?

Changing from a private to public company status will have additional risks that your organization may need to be aware of and it is important to develop a solid risk management strategy that can help your company adapt successfully after an IPO.

Accountability and scrutiny must be taken into account after a company goes public. The amount of exposure involved with an IPO is enormous and senior management must adjust to their new risk profile.

A successful IPO extends your reach from initial investor interest to public stakeholders. Investors and stakeholders must feel confident in your strategic plan and your ability to manage a wide range of risks. In addition, those firms experienced in turning risk into opportunity will be rewarded. Remember your company is now comprised of public as well as private funding and with great power comes great responsibility. Sound strategies for nurturing investor and stakeholder confidence are essential for an IPO’s success.

Here are 5 tips on transitioning your risk management program, as you move from private to public company status.

  1. Start from the top: Your board needs to be in position for successful development of a risk management strategy. Encourage your CFO and your CRO to work in conjunction. Compliance between these positions will successfully build the necessary framework for risk avoidance. This in turn, will set the pace for senior management strategy planning.
  2. Set the stage for effective and robust board governance: Your board governance will need to adapt to your new planning techniques. Since investors are watching more closely, it is time for your board to shine. Make sure you have key players in place that have versatile talents which will enhance rich governance techniques.
  3. No alarms and no surprises: The public market hates surprises. Surprising your investors can cause alarm which will affect confidence. New ideas and strategies should be carefully vetted. This will ensure that new product launches goes smoothly. Make a practice of including risk management in all of your core business unit discussions.
  4. Stay ahead of regulation: Regulations are constantly impacting the market. After an IPO — stay ahead of the curve as much as possible. Keep you investors informed about these changes and share your plans for compliance. This lets investors know your board is effectively keeping your firm on track.
  5. Stop watching everyone else: During the immediate period after an IPO, focus on understanding your unique risk profile and building mitigation strategies to manage the risks. This will provide a solid platform for discussing “risk” with public shareholders.

Adjusting your insurance and risk management program as your firm goes from private to public is important. Contact a TechAssure Association member to learn more about the support they can provide as your build your risk management program.

by

Corporate Risks and Cyber Criminals Lurking in the Cloud

Most of us are already aware of the benefits of cloud computing. But what many don’t realize is that cyber criminals are also harnessing the power of the cloud to gain unauthorized access to sensitive data.

Phishing scheme artists, for one, have learned to utilize the redundancy, scalability, and automation powers of the cloud to gain illegal access to bank accounts. This is easily accomplished by procuring cloud services through a website with an approved, though likely stolen credit card. This sets the stage for criminals to work their craft anonymously and make them even harder to catch.

What are the risks of cloud computing to a corporation?

There are many risks that a company faces from the use of cloud computing. Some of the major risks include disputes over ownership of data, records and assets. Risks can also include lost data, unavailability of information and malicious attacks. In addition, risks from shared access, authentication and authorization are broad.

Will a Commercial General Liability respond to data breaches or cloud computing risks?

No, your Commercial General Liability will not respond to claims that arise from data breaches or activities in the cloud. In order to protect against those types of risks, a company should consider the benefits of purchasing a cyberliability policy that is designed around your unique risks.

What can a company do to prevent these types of security breaches to your network?

The good news is that cloud providers are more diligent than ever in detecting unusual patterns of activity as they monitor how customers utilize the service. One very effective measure is the deployment of a dedicated antifraud team trained to recognize illicit activity from the start, such as the detection of a stolen credit card to procure cloud services. However, this does not mean you should relax your own security measures. Whether your data sits on another server, or is in the cloud, it is your corporate asset and you should take appropriate steps to protect that risk. Companies should be on the lookout for any security loopholes that allow easy access from unauthorized parties.

Working with a member of TechAssure Association can provide your organization with a range of insurance and risk management tools to help you manage your risks in the cloud. Contact a TechAssure Association member for more information on risk management services that can protect your corporate assets.

by

High Growth Firms and Risk Management

The global financial crisis has led to dramatic and ongoing changes in risk management among many technology and life science firms. As a result, most technology and life sciences business leaders face unprecedented challenges as they grow their firms from the early stage to maturity. However, we continue to witness the growing list of high-growth firms in this category and we believe they have unique insurance and risk management needs. These firms must make risk management central to their business at an earlier stage in the corporate life cycle in order to have the best chance for survival.

Rapid-growth companies aren’t afraid of taking calculated risks. They often learn how to turn risk into opportunity and find themselves doing that better than their competition. This means that before they jump into opportunities, they calculate the risks and are more aware of the potential consequences. Developing a corporate risk management approach at an earlier stage in the firm’s life cycle is crucial for ensuring the continued interest of investors and strategic partners.

A growth firm is recognized by its ability to increase its business by a significant amount very quickly, but it’s important to realize that there are challenges with such a fast increase in business. Demands for capital to increase and expand production, hire additional workers, increase locations and more are necessary to maintain high growth rates. Investors are usually asked to take a new look at a growth business and the potential it has for increased profits and cash flow.

A growth firm will experience increased market share and profits. It puts them in the position of decreasing competition. They will be able to better seek out the latest ideas and innovations in their industry. One important result is that higher skilled workers will want to be a part of a growth firm.

As a growth firm enlarges, its insurance needs will also tend to increase. It will be important to adjust insurance coverage as is necessary. Additional insurance products may be needed and adequate liability insurance needs to be in place as the company changes and grows.

Growth firms do many things to maintain their momentum. Having a risk management plan that changes with your organization is important. Contact a TechAssure Association member to learn about our special services for high growth firms.

by

Top Five Causes of Data Breaches and Why Firms Should Buy Cyberliability

Because of advances in technology, companies have been able to grow and expand like never before. On the downside, cyber threats lurk around every corner, from hackers corrupting systems and networks to criminals attempting data breaches.

Because of the nature of their business, technology companies are at an increased risk to these types of threats. Here are some of the top causes of data breach and what steps you can take to ensure your company’s information is safe.

  1. Credential Theft: Hacking puts all of your sensitive information at the fingertips of individuals trying to steal your company’s most important information. In a recent study, 76% of data breaches occurred because of weak credentials. Password protection is essential to preventing hackers from entering your company’s networking systems.
  2. Application Vulnerability: Hackers use back doors and SQL injection accounts for almost half of all data breaches. Web applications are most vulnerable to this type of attack.
  3. Data on the Move: This type of breach involves stolen or lost-in-transit devices such as laptops, storage devices, hard copy reports, and hand-held devices. Securing these items during travel can help ensure that your sensitive information does not fall into the wrong hands.
  4. Insider Breach: This type of security threat involves insider attacks. Employees who can access company information can easily transfer firm financials, passwords, network and security access, etc. When employees go rogue, it is important to have a secure plan in place to prevent loss of data or worse.
  5. Employee Error: Employee negligence can inadvertently expose your firm to data breach. Some of these instances may be unpreventable, but it is important to educate your employees on how they can prevent data breach by following certain system protocols and implementing criteria each day that can help close the gap.

Maintaining a comprehensive cyberliability insurance and risk management program can ensure that your information is protected and that you will have a plan of action for managing the aftermath. Protect yourself and your firm’s credibility with an insurance policy custom tailored to your specific requirements. A TechAssure Association member can help you customize a cyberliability program around your unique risk profile. Please contact us for more information.

by

Top Risks in Global Expansions

If you are a technology or life science firm considering global expansion, you need to become aware of some foreign risks that need to be managed. Tips to handling foreign risks include:

Establishing a Global Risk Management Program – Handling of foreign risks is different from the management of domestic risks. Foreign risk requires different treatment and a firm understanding of the differences in laws, business practices and procedures for handling certain risks. With an ever-increasing number of firms that are expanding their operations to include facilities on foreign soil, it is important to establish overall goals for your risk management program.

The goals for your global risk management program should include the standardization of risk management controls, and an improved ability to predict potential losses. You will also need to eliminate gaps in your insurance coverage, identify hidden costs in your insurance program and ensure that you are in strict compliance with local laws and are leveraging economies of scale in your insurance program.

Political Risks Play a Role in International Expansions – Political risk is defined as the threat of losing assets, management control, or potential earnings as a result of political action by the host country. Generally speaking, a country with a stable government poses less of a risk than one in turmoil. Specialized Political Risk insurance policies can protect against certain types of perils for companies doing business or conducting operations in foreign countries. These insurance contracts often address business exposures faced by these companies as a result of foreign governmental action. Types of exposures that can be covered under political risk policies include confiscation, expropriation, deprivation, nationalization, political violence and currency inconvertibility. They can also be customized to include export credit.

Economic Risk Come in Different Shape and Size – Economic risks speak to the chance that a host country may impose sanctions that will restrict or regulate the activities of foreign corporations. Most common among these are exchange controls, which restrict movement of foreign money out of the country, tax policies that are often used to control foreign companies by placing large taxes on their products, and price controls in which host countries establish regulations controlling the price range of a business’s goods or services.

Don’t Forget the Cultural Risk – Cultural risk can be as damaging as political or economic dangers. National cultural risk is the possibility of doing something considered unacceptable by the social culture of the host country. Business cultural risk is the threat of doing something inappropriate within the business environment as a whole. Corporate cultural risk is the risk of making a cultural error when dealing with a specific company.

Managing foreign risks can determine your level of success in the global market. The international network of professionals in TechAssure Association can help you establish a solid global risk management program. Contact us to learn more about our members.