We have been reporting for a year that the US government will be requiring risk management and enterprise risk management.
WHITE HOUSE OFFICE OF MANAGEMENT AND BUDGET
The US Office of Management and Budget is requiring Enterprise Risk Management in operations through Order 1.11 because:
“Agencies are expected to manage risks and challenges related to delivering the organization’s mission. ERM is a strategic discipline that can help agencies to properly identify and manage risks to performance, especially those risks related to achieving strategic objectives”
Interestingly, enterprise risk is defined according to ISO 31000: “Risk is the effect of uncertainty on objectives.”
OMB also includes the following ISO 31000 ERM requirements:
- Creates and protects value;
- Is an integral part of all organizational processes;
- Is part of decision-making;
- Explicitly addresses uncertainty;
- Is systematic, structured, and timely;
- Is based on the best available information;
- is tailored and responsive to the evolving risk profile of the agency;
- Takes human and cultural factors into account;
- Is transparent and inclusive;
- Is dynamic, iterative, and responsive to change;
- Facilitates continual improvement of the organization
OMB STANDARDS FOR INTERNAL CONTROL
Government Accountability Office (GAO) also developed risk Standards for Internal Control – also called the Green Book mandate. The scope of the risk control standards can be seen in the below figure.
Bottom Line: Operational RM and ERM are not going away, And more importantly, RM and ERM will continue grow in importance.
Bio:
Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com) is the founder of:
CERMAcademy.com
800Compete.com
QualityPlusEngineering.com
WorkingIt.com
He is the evangelist behind Future of Quality: Risk®. He is currently working on the Future of Work and machine learning projects.
He is a frequent speaker and expert on Supply Chain Risk Management and cyber security. His current books available on all platform are shown below: