Hi, The results were out yesterday and unfortunately I did not pass. One of the questions had asked a lot about outsourcing risks and their possible mitigation plan. I am just curious to know how should I have developed more pertinent points - given that its coverage in the course notes is quite limited. Thank you!!
Hi Rakesh.I am sorry you didnt get SA2 this time round. I think the key risks associated with Outsourcing would be operational,reputational and conduct risk.I based my answer around these 3 broad categories. Again mitigation techniques focussed on Vendor selection,Service Level Agreements and anything else I could think of from CA1. Might be also worth waiting for the suggested answers to be put up on the website.
I agree with Vikky. Basically you are losing direct control which is a risk in itself. Hence choose the outsourcer carefully with regard their experience, capability eg does your product have non standard features even their admin system cannot cope with or able to tweak for this and any other changes say in regulation that may be needed, their turnaround and whether it meets your customer promises. Ultimately if the admin goes wrong, a policyholder won't see this - they still associate it as a failure on your part. I think the bit about ca1 is right. It's the final exam (in theory) and any knowledge gained elsewhere is fair game. Mitigation can be things around information security and access to data for your valuations, right to audit, cancellation rights etc. Basically anything that gives you review rights to check on the work and pull out ultimately if needed. Do indeed look at the examiners report. You may not done as badly as you think on this question, but you must at this level be able to think outside the box.
