Читать книгу Enterprise Risk Management - Hardy Karen - Страница 6

INTRODUCTION

Оглавление

Since the first introduction of this material in 2009, the practice of risk management and, more so, that of enterprise risk management (ERM), has expanded in the federal space. For example, the Association for Enterprise Risk Management (AFERM) has been established solely for those who oversee risk management in federal agencies. The AFERM mission is to advance the practice of ERM in the federal government through thought leadership, education, and collaboration.20 AFERM provides specific programs and opportunities to educate members and stakeholders on the benefits, tools, and leading practices of federal ERM. AFERM also fosters collaboration with organizations and stakeholders to promote laws, regulations, and policies to establish federal ERM in the various agencies and departments. In addition, an International Risk Management Standard (ISO 31000) was adopted by the American National Standards Institute (ANSI), and the FederalERM.org website saw its membership exceed seven hundred government online subscribers. Government Executive magazine recognized the FederalERM.org website as “an informal network to help employees learn new skills.”21

There has also been a modest increase in the frequency with which job postings for chief risk officers (CROs) and risk management officers (RMOs) have been advertised on USAJOBS.gov (see Table I.1). Job titles such as risk management specialist have been identified as a new emerging occupation with a bright outlook. According to the Department of Labor, “bright outlook” occupations are those that are expected to grow rapidly in the next several years, will have large numbers of job openings, or are new and emerging occupations.22 According to the U.S. Department of Labor’s O∗NET OnLine, the risk management specialist occupation is projected to

• Grow much faster than average (employment increase of 29 percent or more) over the period 2010–2020

• Offer one hundred thousand or more job openings over the period 2010–2020


Table I.1 Agency Hiring Activities

Source: The listing of CROs hired in government agencies is taken from a random selection of USAJOBS.gov job announcement postings and organizational charts. “The Chief Risk Officer” is from http://erm.ncsu.edu/library/article/cro-emerging-trends/#.UwV-iMKYbVI.


The speed with which these developments have transpired in the federal environment makes this book especially timely for several reasons:

1. There is a growing demand for knowledge and understanding of ERM and its application to public sector organizations.

2. There is a lack of available information focused on the practice of ERM and how it benefits public sector organizations.

3. A solid blueprint for utilizing ERM in public sector organizations, namely federal agencies, is sorely needed to guide those who champion risk management practice.

4. There is no single resource guide available that summarizes information about ERM and risk management in general for the government workforce.

Finally, the Obama administration’s focus on accountability and transparency has also prompted a renewed focus on risk and controls. This publication aims to satisfy these needs.

In recent years, the federal government has been on the receiving end of new legislation and regulations that require it to better manage risk and improve controls in discrete areas. Generally, to meet the requirements of each of these new mandates, agencies have engaged in many compliance-driven activities. This stove-piped approach to compliance is costly and does not optimize value. This book explores how federal C-suite executives, as well as financial and operational managers, can help guide their agencies to take a more holistic approach to risk management by implementing an ERM system. This approach can help reduce the total cost of compliance by proactively mitigating risk, while helping agencies achieve greater value from their risk management activities.

Although the current focus on risk management for most federal CFOs and financial managers stems from the revised OMB Circular A-123, these are only two requirements among the many that federal agencies must address. Agencies are also required to report their results in implementing the Federal Managers’ Financial Integrity Act (FMFIA) of 1982, the Improper Payments Information Act (IPIA) of 2002, and the Federal Information Security Management Act (FISMA) of 2002, among others. Virtually all of these requirements are ultimately geared toward one objective – improved risk management – so an agency’s response to risk provides reasonable assurance that the organization will achieve its strategic objectives.

This dramatic increase in compliance requirements, coupled with the realization that compliance cannot be effectively achieved just by having discrete compliance programs in various business units, now makes it critical for organizations to move toward an enterprise-wide risk management approach. Holistic ERM starts with a focus on possible events and their classification into opportunities and risks.

Keeping track of these possible events requires good data and data governance managed at the enterprise level. It also requires a taxonomy or classification scheme of the most important risks to the entity and a common language for understanding those risks. Improved data management allows the enterprise to take advantage of modern analytical methods to quantify the impact of risk. Data analysis also enables the enterprise to gain an overall view of current risk as well as trends and potential future risks.

It’s clear that implementing an ERM approach makes sense and yields benefits to an organization. It is my hope that federal executives will find this book useful to them as an introduction and guide to enterprise risk management.

20

Association of Federal Enterprise Risk Management. http://www.AFERM.org.

Enterprise Risk Management

Подняться наверх