Organisations answer thousands of questions every day. These may range from how to determine how much to charge a customer for a service, what processing fee needs to be applied to a particular transaction, or whether to deny or approve an insurance claim.\nUnfortunately in many cases, manually answering all of these questions to make the right business decisions is a time-consuming process that can negatively impact results and take attention away from increasing profitability and gaining a competitive edge.\nIT leaders from various industries gathered at two CIO roundtable events in Sydney and Melbourne in July and August to discuss the latest thinking around business rules management and how it can potentially benefit their organisations. The event was sponsored by Progress Software.\nAll attendees, many from the financial services industry, viewed business rules management as a fundamental task.\nAt the same time, they felt it\u2019s important to strike a balance between the need to automate business rules and still allow individuals to change some processes manually.\nDecision and business rules systems are vital for Allianz Australia Insurance, according to head of IT and business alignment, Nagib Kassis. \u201cRating and underwriting in insurance rely heavily on having adequate business decisioning and rules,\u201d he says.\n\u201cThe differentiator we are seeing at the moment is how technology is empowering the business to have more control and flexibility in making changes without having IT involvement in the change.\n\u201cIn addition, this increases the focus on what skills are necessary on the business side that will allow them to make those changes, as opposed to traditionally logging a request and getting IT to make that change.\u201d\nAllianz has built business rules as a service \u2018outside\u2019 of its policy administration system. \u201cAt the same time, there are business rules built from years of insurance experience and that\u2019s intellect you can\u2019t let go of,\u201d says Kassis. But the organisation has had to \u201cundo some of this bad complexity and build new and tidier rules\u201d.\n\u201cIf there is demand for a new product, we simply use and reuse Web services \u2013 tapping into the same decisioning and rules engine to minimise the disruption, which is important because services need to be available around-the-clock,\u201d he says.\nOne CIO says his organisation recently migrated to more up-to-date systems with new functionality, but reports challenges around documenting and managing change. \u201cWhen there is an issue, people think it\u2019s a technology problem but it\u2019s often triggered by a business change,\u201d he says.\n\u201cBusiness rules are embedded everywhere \u2013 they are in product platforms, servicing, acquisition and risk decision systems. They are complex and not particularly well understood.\u201d\nLack of organisation\nAnother roundtable attendee didn\u2019t believe organisations are particularly organised around how they manage business rules.\n\u201cHistorically on legacy platforms, business rules were hard-coded into the application \u2013 so technology had to manage that, and people had to do the business analysis through coding and testing,\u201d the CIO says. \u201cAs we have moved on and started to deliver platforms with more flexibility \u2013 people haven\u2019t necessarily said: \u2018We need to have a whole change function to do this\u2019.\n\u201cRegulation is going up and interestingly, at the same time, there\u2019s a lot more flexibility around how you manage change. The regulators are getting much more interested in operational risk and how to constrain that.\u201d\nCTO at Melbourne Health, Andrew Oldaker, says there are plenty of business rules inherent in many healthcare systems but not a lot of linkage between them.\n\u201cThat\u2019s one of the biggest issues and there\u2019s a lot of regulatory requirements in health in relation to rules,\u201d he comments. \u201cIt\u2019s around enforcement more than anything else. Access to a lot of health systems is somewhat archaic and modernisation is an important aspect.\n\u201cHealthcare, like a lot of industries, is fairly conservative and a lot of the architectures we have in place are old... so the de-coupling of rules from the product is not easy to do.\u201d\nAnother CIO adds a lot of business logic sits in his organisation\u2019s systems and one of his goals is to make these systems more rules-based.\n\u201cUniting the business logic with the rules is our challenge,\u201d he says. \u201cWe are looking at months of development effort to make a software change that we could make over a weekend by creating business rules \u2013 we\u2019re not quite there yet but we are going in that direction pretty quickly.\n\u201cOur systems might run 2000 to 3000 transactions per second across 5000 products \u2013 so you are looking at a lot of volume you need to monitor. Building algorithms that react quickly enough to catch or reject customer orders is challenging.\u201d\nRelinquishing control\nThe IT department at financial services organisation, Pepper Group, creates standard business rules around data management but enables line-of-business users to write their own reports based around these rules, says its CIO, James Henshaw.\n\u201cThis ensures IT doesn\u2019t become a bottleneck and the processes are not IT-centric \u2013 it\u2019s about empowering users to be able to do those things,\u201d he says.\n\u201cTechnology is now at a point where it empowers organisations like ours to do more. Our IT department is prepared to relinquish some control while putting trust in people to do the right thing based on the business rules we have put in place.\u201d\nPeter Fuller, MD for Progress Software A\/NZ, points out many businesses have \u2018citizen developers\u2019, writing code to be used by others across their organisations. \u201cProduct providers say \u2018don\u2019t worry about the IT guys, they\u2019re holding you back and the business can do it all\u2019,\u201d he says. \u201cHowever, on the other side of the coin, you have business users creating applications they expect IT to support. There\u2019s a very fine balance.\n\u201cI guarantee you have applications running today you didn\u2019t even know about. It\u2019s about accepting that nowadays the business does want to change business rules or develop their own applications, and organisations need to work out a way to control the chaos.\u201d\nBettina Wilcox, head of IT and projects at RAMS Financial Group, adds it really is about trust and building relationships. \u201cOne of the great things about working in a small organisation is that most of us work on the same floor and we have a fairly flat operational structure,\u201d she says.\n\u201cThis makes it easier to have very direct and often informal conversations to build very strong interpersonal relationships. In large organisations where people are in multiple locations you can still build that trust but it\u2019s a different level of complexity and always a work in progress.\u201d\nAn organisation\u2019s culture can also stand in the way of attempts to automate business rules, says\nYoav Hammerman, an IT operations manager at a large financial services organisation.\n\u201cThere are people that know the processes and everyone relies on them, so automating many different tasks is a challenge from a cultural point of view,\u201d he says.\nIn addition, a \u201czero tolerance policy for system errors\u201d drives the need to manually validate certain transactions. Despite this, Hammerman sees an opportunity for automation in some areas in the future.