ERM for Mission Success in the 21st Century: Lessons from Research
The Center recently co-hosted a seminar on Enterprise Risk Management (ERM) earlier this month, in partnership with the Association for Federal Enterprise Risk Management (AFERM) and the Senior Executives Association (SEA). Panelist experts provided an overview of “ERM in Action,” offered insights on private sector risk management tools, and shared the latest research on setting a foundation for successful ERM in government. We have excerpted key highlights from the session in a podcast, and summarize key points below.
Our first panel, “ERM in Action,” featured Rajni Goel, Professor at Howard University; Tim Persons, Chief Scientist and Managing Director of the Science, Technology Assessment, and Analytics team for GAO; and Karin O’Leary, Center Fellow and former Chief Financial Officer of the Administrative Office of the U.S. Courts. The panel discussed recent research on ERM including Managing Cybersecurity Risk in Government, Financial Management for the Future, and More than Meets AI – Part I & Part II.
Dr. Goel explained that “many leaders are in a reactive mode [when it comes to ERM]. We have legacy systems and new technology on top of them, which increases the risk because of poor integration. It’s a band-aid to the problem.” When asked about IT knowledge as Millennials enter the workforce, Dr. Persons described the importance of culture in an organization. “Our job is to create the space for innovation. We need to try to merge the cleverness of young people with the wisdom of those who have been around for awhile.”
We were then joined by Carol Fox, Vice President of Strategic Initiatives for RIMS, who presented risk management trends from the private sector. She encouraged participants to use AI, blockchain, and IoT to provide more information faster and with more clarity and security. She shared the importance of being proactive rather than always reactive when it comes to ERM. Ms. Fox explained, “everyday decision makers need to be thinking about risk as they make decisions. In strategic and complex areas, there is often not a lot of data, so one needs to test out assumptions [when making decisions].”
In our third panel, Dr. Karen Hardy, Deputy Director for Risk Management at the U.S. Department of Commerce discussed the state of ERM today, the evolution of ERM in government (building on the report she wrote for us prior to working with the Department of Commerce) as a tool to improve government decision making and results, and the growing importance of managing risk across the federal government enterprise. At the Department of Commerce, risk management functions exist within each of the 13 bureaus, and an assessment tool for ERM generates important data. Dr. Hardy shared, “This information can be used as a strategy tool for leadership and help link controls to things already being measured.”
Dr. Hardy also shared that agencies could derive value from tapping into maturity assessment tools, attending the annual AFERM Federal Risk Information Summit, and creating conversations with other agencies for knowledge sharing. Dr. Hardy stated the importance of having a Chief Risk Officer in an agency, and enabling the community of risk professionals to stay connected and learn from colleagues across the globe.
The active dialogue at the session showed that ERM has matured tremendously and agencies are moving forward accordingly. We look forward to continuing the focus on ERM as a tool to help agencies achieve their missions and carry out their programs.