#150 – ERM PLAYBOOK – FOR THE US FEDERAL GOVERNMENT – GREG HUTCHINS

Posted on by

Greg HutchinsWe’ve been talking about ERM for the US Federal Government for a while.  While, the US federal government has been implementing risk management in many departments, operational ERM to all Federal agencies is a game changer.

The Executive Office issued Circular A 123 last month with the specific requirement that:

“The Administration has emphasized the importance of having appropriate risk management processes and systems to identify challenges early, to bring them to the attention of Agency leadership, and to develop solutions. …  Over the years, government operations have changed dramatically, becoming increasingly complex and driven by changes in technology.

Office of Management and Budget now specifically defines management’s responsibility for enterprise risk management and internal control in federal agencies:

“Circular provides updated implementation guidance to Federal managers to improve accountability and effectiveness of Federal programs as well as mission-support operations through implementation of ERM practices and by establishing, maintaining, and assessing internal control effectiveness. The Circular emphasizes the need to integrate and coordinate risk management and strong and effective internal control into existing business activities and as an integral part of managing an Agency.”

BUT HOW TO DO IT?
The question was raised: HOW TO implement ERM in different Federal agencies with different missions, cultures and context?  ERM is a new discipline that must be architected, designed, deployed, and assured to the context of the organization.

The Feds just released Playbook: Enterprise Risk Management in the US Federal Government to facilitate the move to ERM.  The Playbook consists of tools and methodologies to provide high level key concepts to establishing a comprehensive and effective ERM program.

The Federal ERM program is solidly based on risk based, decision making:

“An agency-wide ERM program should enhance the decision-making processes involved in agency planning including strategic and tactical planning, human capital planning, capital investment planning, program management, and budget formulation. It should build on the individual agency’s risk management activities already underway and encompass all of the agency’s operations.”

FEDERAL ERM MODEL
The Federal ERM model is based on a risk management framework that maps to ISO 31000 and ISO ERM.  The steps include:

Step 1. Establish context
Step 2. Identify risks
Step 3. Analyze and evaluate
Step 4. Develop alternatives
Step 5. Respond to risks
Step 6. Monitor and review
Step 7. Continuous risk identification and assessment

So, what should you do now if you want to learn about the new the new ERM requirements?

Bottom Line: Check out the Playbook and the Federal ERM model.  We are hearing that some states are thinking of adopting the model.   As well, check out Certified Enterprise Risk Manager(R) certificate program.

Bio:

Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com)  is the founder of:

CERMAcademy.com
800Compete.com
QualityPlusEngineering.com
WorkingIt.com

He is the evangelist behind Future of Quality: Risk®.  He is currently working on the Future of Work and machine learning projects.

He is a frequent speaker and expert on Supply Chain Risk Management and cyber security.  His current books available on all platform are shown below:

 

Leave a Reply

Your email address will not be published.