Skip to Content
Risk Management Technology

Information Systems: Which Type Is Right for Your Organization?

Anita Schoenfeld | April 1, 2001

On This Page
Risk management on a world map

Buying a new risk management system is difficult considering all the different applications and alternatives. Learn what types of systems are available and how they can respond to your organization's needs.

Buying a new risk management system is a difficult task. Faced with hundreds of different applications and alternatives, how does a purchaser know what to look at, let alone what to buy? Understanding the types of systems available in the marketplace is the first step in the buying process. Then, knowing what your organization's needs are, you can choose which application(s) should be considered.

What Types of Systems Are Available in the Marketplace?

Systems are generally grouped into four categories:

  • A Risk Management Information System (RMIS) focuses on activities relating to the collection and analysis of exposure-related information and generation of user defined reports. The term "RMIS" is also sometimes used, although wrongly, to refer to systems that can administer claims.
  • A Claims Management Information System (CMIS) typically includes all of the RMIS's functionality but also includes capabilities designed to adjudicate claims, including monitoring litigation, tracking allocated expense, making payments and a multitude of other types of activities relating to the claims adjustment function.
  • An Integrated (or Comprehensive) Information System (IIS) contains all of the functionality of an RMIS and CMIS, but will also support the organization's underwriting, loss control, accounting, statutory, administrative, or financial reporting needs.
  • An Enterprise Resource Planning Solution (ERPS) is an organization-wide operational system, including financial, manufacturing, sales, distribution, accounting, and, in some cases, risk management functions.

How do you know which type of system will meet your needs now and into the future, should the organization's needs change? Understanding the functionality of each system and its related costs can help you navigate the landscape.

How Does the Functionality Vary between Different Applications?

Each application has a targeted audience. The functionality and cost increases exponentially as capabilities increase to meet a broader need. However, most can be purchased on a modular basis, allowing an organization to purchase the types of functionality required to meet immediate needs, while providing scalability for future expansion.

Some system's capabilities do overlap. The question that needs to be answered is whether the majority of the systems' capabilities are needed now or in the near future. An understanding of the organization's future goals is needed to guard against over or under buying on system capabilities.

Some systems are designed to meet the specific needs of only selected types of organizations, such as insurance companies, pools, captive, and third-party administrators. ERPSs, in particular, have targeted industries, such as manufacturing or service, which drive the system's design.

Generally, you will find the following capabilities in each of the systems:

  • RMIS—
    • Data collection and consolidation
    • Data analysis
    • Data reporting
    • Report circulation (possibly Web-enabled)
    • Remote access by outside users
    • Cost allocation
  • CMIS—
    • Above RMIS capabilities
    • Claims administration
    • Financial, statutory, and accounting reporting
    • Tracking case-related allocated claims costs
    • Litigation oversight
    • Diary
    • Supervision and claim oversight
    • Case-related notes
    • Loss control
    • Medical management
    • Fee schedule application
    • Utilization review
    • Payments
    • Enhanced security
  • IIS
    • Above RMIS and CMIS capabilities
    • Agency management
    • Time and expense tracking for billing purposes
    • Submissions and quoting
    • Invoicing
    • Receivables, disbursements, and collection
    • Policy and endorsement issuance
    • Renewals, cancellations and reinstatements
    • Premium audit
    • Reinsurance
    • Generally accepted accounting principles (GAAP) and other statutory reporting
    • Actuarial "black boxes," including incurred but not reported (IBNR) calculations, loss sensitive program tracking
    • Data warehousing
    • Imaging and electronic workflows
  • ERPS—
    • Workflow tools
    • Data mining tools
    • Operational applications, including planning
    • Accounts receivable
    • General ledger
    • Asset management
    • Product management (engineering/design through production)
    • Manufacturing, sales
    • Distribution and supply
    • Value chain analysis
    • Customer relationship management
    • Statutory reporting
    • Human resources enrollment and program administration
    • Risk management (data analysis and reporting)
    • Application integration and collaboration
    • E-business

Although an ERPS may have some risk management functionality, typically it is based on data collected from an interfaced RMIS or CMIS, or from financial information manually entered into the application. Typically, an ERPS is purchased as a function of decisions made by the organization, rather then a single function (such as risk management or finance) within the organization. From a true risk management standpoint, an ERPS is not typically considered within the selection process.

If, an RMIS, CMIS, and IIS are the alternatives, how do you choose the right application without "buying too much" (or too little)?

What Do You Need Now? What Will You Use Later?

Before any purchase, a comprehensive needs assessment is required. Understanding current organizational and system requirements may be insufficient. Future planning and defining what potential needs might be required, up to 5 years into the future is essential. Why 5 years? Obsolescence.

Most applications have a 5-year lifespan, if they are not modified or upgraded. Purchasing upgrades for systems, particularly those that have been customized by an organization, can be extremely expensive and require substantial effort to identify integration and functionality issues and to conduct environmental testing. Understanding the organization's current and future needs before you buy will help to identify applications that may have modules which can be added to the existing application to expand functionality without purchasing a new application or a complete upgrade.

Which Buyers Choose Which System?

As the organization defines its current and future needs, the decision on how to meet these requirements can vary. It is not as simple as, "corporations always choose RMIS, and TPAs always choose CMIS." A corporation that does not administer its own claims may still choose a CMIS if its insurer or TPA can interface or download claim-specific information. In this type of arrangement, the downloaded data would populate claim records within the CMIS, allowing the corporation or risk manager to see claim detail, adjuster notes, claims payments etc., all within the CMIS data fields.

Corporations may also choose a CMIS if their intent is to administer claims internally at some point in the future. If this is the reasoning, a system with the ability to "turn on" claims administration functionality (e.g., claims payments, fee schedule application etc.) at a later date, would be a good choice, assuming the cost for the additional functionality is deferred until or if the claims module is added.

TPAs may choose a CMIS or an IIS, depending on whether they also provide program management services. If a TPA were supporting a pool's underwriting, accounting, loss control, and marketing functions, an IIS would be the only reasonable choice.

As general rule of thumb, corporations, insured public entities, and other insured entities would use an RMIS. CMISs are typically selected by TPAs, self-administered public entities, corporations with large retentions to administer, and pools that administer members' claims but do not underwrite the business.

IISs are typically found at TPAs that provide program management, including underwriting, policy issuance, loss control, etc. Managing general agents, insurers, large pools, and captives also will need the capabilities found in this type of system.

What Are the Typical Price Ranges for These Systems?

Prices vary widely between the systems and are affected by the amount of customization required. "Off-the-shelf" systems only really exist in the realm of an RMIS, and even these applications are frequently customized by the buyer. Most buyers are misled by initial prices quoted for the various applications because they do not understand licensing arrangements and the need for customization or additional services. The need for adaptations to the application to accommodate specific business needs can considerably add to the delivered cost.

Other additional costs might include user licenses (versus the site license cost), middleware (providing connectivity to databases and drivers for hardware), telephony and other hardware and infrastructure upgrades, as well as service fees that might include implementation support and training.

Site licenses for the three risk management related applications typically range in the following areas:

  • RMIS $75,000-$150,000+
  • CMIS $250,000-$500,000+
  • IIS $750,000-$2,500,000+

ERPSs range substantially higher and typically include implementation and customizations costs in the site license. They are rarely if ever offered on an "off-the-shelf" basis.


Planning is everything. Buying the application that meets immediate needs but lacks scalability or the capability for future expansion can be a costly mistake. Which application best meets your needs may be a function of flexibility and cost, rather then immediate needs.

Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. Expert Commentary articles and other IRMI Online content do not purport to provide legal, accounting, or other professional advice or opinion. If such advice is needed, consult with your attorney, accountant, or other qualified adviser.