Enterprise Risk Management

A Guide for Government Professionals

About this book

Winner of the 2017 Most Promising New Textbook Award by Textbook & Academic Authors Association (TAA)!

Practical guide to implementing Enterprise Risk Management processes and procedures in government organizations

Enterprise Risk Management: A Guide for Government Professionals is a practical guide to all aspects of risk management in government organizations at the federal, state, and local levels. Written by Dr. Karen Hardy, one of the leading ERM practitioners in the Federal government, the book features a no-nonsense approach to establishing and sustaining a formalized risk management approach, aligned with the ISO 31000 risk management framework. International Organization for Standardization guidelines are explored and clarified, and case studies illustrate their real-world application and implementation in US government agencies. Tools, including a sample 90-day action plan, sample risk management policy, and a comprehensive implementation checklist, allow readers to immediately begin applying the information presented.

The book also includes results of Hardy's ERM Core Competency Survey for the Public Sector, which offers an original in-depth analysis of the Core Competency Skills recommended by federal, state and local government risk professionals. It also provides a side-by-side comparison of how federal government risk professionals view ERM versus their state and local government counterparts.

Enterprise Risk Management provides actionable guidance toward creating a solid risk management plan for agencies at any risk level. The book begins with a basic overview of risk management, and then delves into government-specific topics including:

  • U.S. Federal Government Policy on Risk Management
  • Federal Manager's Financial Integrity Act
  • GAO Standards for internal control
  • Government Performance Results Modernization Act

The book also provides a comparative analysis of ERM frameworks and standards, and applies rank-specific advice to employees including Budget Analysts, Program Analysts, Management Analysts, and more. The demand for effective risk management specialists is growing as quickly as the risk potential. Government employees looking to implement a formalized risk management approach or in need of increasing their general understanding of this subject matter will find Enterprise Risk Management a strategically advantageous starting point.

Information

  • Publisher: Jossey-Bass
  • Year: 2014
  • Print ISBN: 9781118911020
  • Edition: 1
  • eBook ISBN: 9781118911037

Chapter One
Why Enterprise Risk Management?

The U.S. government has a long history of adapting and adopting successful and prudent business practices from the private sector. In the arena of financial management, this is perhaps best illustrated by the adoption of the Chief Financial Officers Act of 1990, with its requirement that federal agencies pass financial audits.[1] The adoption of enterprise risk management (ERM) is no exception. Although risk management has long been a priority for many organizations, the private sector financial collapse of 2008–2009 has put a spotlight on enterprise risk management as a critical component of an organization’s overall health and long-term sustainability.[2]
There is no one set definition of ERM that all organizations abide by. Several organizations, however, have taken the liberty of defining ERM based on their organizational or industry perspectives. Although the definitions vary, they do have some common themes. Each agency should determine which definition fits their organization, in whole or in part.
According to the Committee of Sponsoring Organizations (COSO), ERM is defined as “a process, effected by the entity’s board of directors, management and other personnel, applied in a strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of objectives.”[3]
Embedded in this definition are seven fundamental concepts, which assert that ERM is:
  • A process, ongoing and flowing through an entity
  • Effected by people at every level of an organization
  • Applied in a strategy setting
  • Applied across the enterprise, at every level and unit, and includes taking an entity-level portfolio view of risk
  • Designed to identify potential events that, if they occur, will affect the entity, and to manage risk within its risk appetite
  • Able to provide reasonable assurance to an entity’s management and board of directors
  • Geared to achievement of objectives in one or more separate but overlapping categories[4]
The Institute of Internal Auditors (IIA) defines ERM as “a structured, consistent and continuous process across the whole organization for identifying, assessing, deciding on responses to and reporting on opportunities and threats that affect the achievement of its objectives.”[5]
The Risk & Insurance Management Society (RIMS) defines ERM as “a strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.”[6]
When put into context, the general idea is well put by Pickett: “ERM is a process that works well at all levels in an organization and brings together the business, back office, and top strategic layers in an integrated manner. By definition, a process is immersed in the business and does not sit outside of the real work. ERM is not about setting up a new team to do ERM. It is about getting a process that feeds into the main business lines to add value and make a meaningful contribution to the bottom line.”[7]
Furthermore, ERM is an initiative that is championed by the highest level of management and driven down from there into the organization. ERM promulgates that “if risk is built into the equation when setting strategy for the entire business, then risk management can become a holistic process that starts at the top and filters its way down through the enterprise.”[8]
In response to the public’s demand for change, government managers as well as those in the private sector are looking for ways to weave risk management strategies and tactics into their everyday operations and strategic decisions at the highest level. Federal agencies are now beginning to recognize the need to weigh the probabilities of what could go wrong before it happens, the upside of doing a cost-benefit analysis for mitigating or accepting a risk, and the advantages of discussing, evaluating, and feeding risk into an agency’s strategic plan and budget regardless of the mission. ERM is fast becoming an important activity for many agencies to undertake as a solution for bringing together various agency risk activities.
Although traditional risk management has its merits, it is often still carried out in silos and stovepipes within organizations, leaving the “white spaces” between organizational functions open for interpreting the crosscutting impact of risk. ERM challenges the status quo and requires managers and leaders to step out of their organizational comfort zones and into a collaborative environment to not only discuss common risks but uncover latent risks as well. As part of ERM, the white spaces also indicate that there is room to discuss risks that do not necessarily fit into one particular functional area, but it requires perspective from every function to properly address an enterprise-wide issue that could impact the organization’s mission and strategic objectives.

STATUS OF ERM IN THE GOVERNMENT

ERM is in its infancy in the U.S. government. Other governments, such as that of Canada, have long established a national policy for ERM; in the case of Canada, nearly a decade ago. Canada’s Integrated Risk Management Framework aims to protect the public interest and maintain public trust. The Canadian framework is part of its larger objective to modernize management practices in order to make the government more citizen-focused and able to meet the changing needs and priorities of its community.[9]
Despite this level of ongoing risk management activity throughout the government, there has been increasing pressure on the government to do a better job at managing risks. Robert Charette, a risk management expert and founder of the ITABHI Corporation, which specializes in organizational risk management issues, writes: “Recent events, like [Hurricane Sandy] and the subprime mortgage financial meltdown, have Americans looking to their government to ensure that these catastrophes are reduced in the future. Furthermore, the public not only demands that government manages the consequences of risk, but that it deals with problems before they turn into catastrophes. Merely reacting to risk is eroding the people’s trust in government.”[10]
To address this issue, agencies are looking to enhance their management practices and have shown an increased interest in enterprise risk management. For example, in 2009, for the first time in its seventy-five-year history, the Federal Housing Administration (FHA) hired its first chief risk officer. The initial focus of the chief risk officer was to be the oversight and the coordination of FHA’s efforts to concentrate risk management in a single division devoted solely to managing and mitigating risk to the FHA’s insurance fund—across all FHA programs.
In addition to adding a chief risk officer, the FHA proposed specific credit policy changes that are largely focused on ensuring responsible lending and risk management for FHA-approved lenders. These changes build on lessons learned in the credit crisis and seek to align the FHA with the administration’s goal of regulatory reform. As the FHA’s stable of lenders grows, these lenders must have “skin in the game.” These credit changes will do that by ensuring they have long-term interest in the p...

Table of contents

  1. Cover
  2. Contents
  3. Figures, Tables, and Exhibits
  4. Title
  5. Copyright
  6. Foreword
  7. Preface: Managing Risk in the Current Federal Environment
  8. Introduction
  9. Chapter One: Why Enterprise Risk Management?
  10. Chapter Two: Examples of Risk Management in the Federal Government
  11. Chapter Three: Managing and Communicating Risk
  12. Chapter Four: Risk Management Frameworks and Standards
  13. Chapter Five: Risk and Performance Management
  14. Chapter Six: Building a Risk Culture
  15. Chapter Seven: ERM Maturity and Assessment
  16. Chapter Eight: ERM Core Competencies
  17. Chapter Nine: ERM Best Practices of Federal Agencies
  18. Chapter Ten: Conclusion
  19. Appendix: Index of Survey Questions and Responses
  20. About the Author
  21. Index
  22. End User License Agreement
