GSA releases playbook for enterprise risk management
The CFO Council and the Performance Improvement Council have released guidance to help agencies meet new risk management requirements in OMB’s revised Circular A-123.
What: "Playbook: Enterprise Risk Management for the U.S. Federal Government," released July 29 by the Chief Financial Officers Council and the Performance Improvement Council.
Why: Federal managers need guidance to help meet the requirements of the Office of Management and Budget's revised Circular A-123 and better manage risk when implementing IT upgrades.
The latest update to Circular A-123, which OMB released in July, requires agencies to establish an enterprise risk management (ERM) structure to improve accountability. The Obama administration has stressed the importance of using such processes and systems to catch problems early. According to an OMB memo, that "integrated government structure" will improve mission delivery, reduce costs and focus action on key risks.
The playbook is less of a how-to manual than a foundation for applying ERM principles and guidance for meeting the requirements of Circular A-123. Its goal is to be useful for employees at all levels, from stating principles for senior staff to offering practical support for those who manage day-to-day operational risks.
Although the playbook provides examples of best practices, the authors say agencies must decide what works for them. They are encouraged to establish a governance structure that includes a risk management council or committee and develop "risk profiles" to pinpoint the major risks in mission and mission-support operations. The playbook also includes examples of ERM frameworks and models.
Verbatim: "While agencies cannot respond to all risks, one of the most salient lessons from past crises and negative reputational incidents is that both public- and private-sector organizations would benefit from establishing or reviewing and strengthening their risk management practices. Agencies are well advised to work to the greatest extent possible to identify, evaluate, and manage challenges related to mission delivery and manage risk to a tolerable level."
Click here for the full playbook.
NEXT STORY: The secret to handling stress