Top risk management tips for IT professionals

There are many factors for IT professionals to consider whenimproving risk management within their firm but here are some key suggestionsfor reducing your exposure to professional indemnity claims.

1. Understand the needs of your client by conducting adetailed scoping exercise (ideally before an exchange of contracts takesplace).

2. Do not oversell the goods and/or services you are offering.Claims often arise on the basis that systems/software supplied do not meet theexpectations of the client.

3. If a project is evolving during implementation (known asscope creep) make sure that there are effective change controls in place.

4. Ensure that the client is kept advised of the full costsof a project or implementation. It is not uncommon for disputes to arise whencosts are significantly higher than anticipated.

5. Avoid copying material without permission and ensure thatthe ownership of source codes is clearly defined. If, for example, you arecarrying out a bespoke software development project for a client, clarify whichparty will retain ownership of the source codes.

6. Use caution when managing or migrating data belonging toa client. Ensure that data is backed up and that any data you hold is securewith appropriate firewalls and password protection.

7. Make sure that your professional indemnity policy isadequate for your needs. Is the policy limit sufficient for the size and valueof contracts you are entering into? Are there territorial limits on the policy?Has the type of work you are carrying out been clearly explained to yourinsurers?

Finally, it is worth emphasising how important good riskmanagement is. Dealing with a professional indemnity claim can be costly andtime consuming and most insurers will require you to be actively involved inthe process. If a claim goes to mediation or trial you could be looking athundreds of working hours being lost and in this economic climate that is notan appealing prospect.