Enterprise Risk Management: A Guide for Government Professionals

Book Description

Practical guide to implementing Enterprise Risk Management processes and procedures in government organizations

Enterprise Risk Management: A Guide for Government Professionals is a practical guide to all aspects of risk management in government organizations at the federal, state, and local levels. Written by Dr. Karen Hardy, one of the leading ERM practitioners in the Federal government, the book features a no-nonsense approach to establishing and sustaining a formalized risk management approach, aligned with the ISO 31000 risk management framework. International Organization for Standardization guidelines are explored and clarified, and case studies illustrate their real-world application and implementation in US government agencies. Tools, including a sample 90-day action plan, sample risk management policy, and a comprehensive implementation checklist, allow readers to immediately begin applying the information presented.

The book also includes results of Hardy's ERM Core Competency Survey for the Public Sector, which offers an original in-depth analysis of the Core Competency Skills recommended by federal, state and local government risk professionals. It also provides a side-by-side comparison of how federal government risk professionals view ERM versus their state and local government counterparts.

Enterprise Risk Management provides actionable guidance toward creating a solid risk management plan for agencies at any risk level. The book begins with a basic overview of risk management, and then delves into government-specific topics including:

  • U.S. Federal Government Policy on Risk Management

  • Federal Manager's Financial Integrity Act

  • GAO Standards for internal control

  • Government Performance Results Modernization Act

The book also provides a comparative analysis of ERM frameworks and standards, and applies rank-specific advice to employees including Budget Analysts, Program Analysts, Management Analysts, and more. The demand for effective risk management specialists is growing as quickly as the risk potential. Government employees looking to implement a formalized risk management approach or in need of increasing their general understanding of this subject matter will find Enterprise Risk Management a strategically advantageous starting point.

Table of Contents

    1. Figures, Tables, and Exhibits
    2. Foreword
    3. Preface: Managing Risk in the Current Federal Environment
    4. Introduction
      1. State of Risk Management in Government
      2. How This Book Should Be Used
      3. Emerging Risks Today
      4. Top Government Risks
      5. Criteria
      6. Profiles of Select High-Risk Areas in Government
      7. Notes
    5. Chapter One: Why Enterprise Risk Management?
      1. Status of ERM in the Government
      2. Limitations to ERM
      3. Risk Management: What It Is and Why It Matters
      4. What Is Risk?
      5. Evolution of Risk Management
      6. Traditional Risk Management versus Enterprise Risk Management
      7. U.S. Federal Government Policy on Risk Management
      8. Establishing an Agency Risk Management Policy
      9. ERM Policy and Practice in Canada
      10. Linking ERM and Internal Control
      11. What Are the Standards for Internal Control?
      12. Assessing Internal Control Structures
      13. Overall Internal Control Summaries
      14. Notes
    6. Chapter Two: Examples of Risk Management in the Federal Government
      1. Health Risks
      2. Security Risks
      3. Financial Risks
      4. Transportation Safety Risks
      5. External Risks
      6. Case Study: Applying Risk Management in Government: National Institutes of Health
      7. Case Study: National Archives and Records Administration
      8. Notes
    7. Chapter Three: Managing and Communicating Risk
      1. Writing Risk Statements
      2. Developing a Risk Statement
      3. Inventory of Risk Statements
      4. Risk Assessment Techniques
      5. Notes
    8. Chapter Four: Risk Management Frameworks and Standards
      1. Why Voluntary Standards? A Look at OMB Circular A-119
      2. GAO Risk Management Framework
      3. ISO 31000: International Risk Management Standard
      4. COSO ERM Integrated Framework
      5. OCEG Red Book 2.0: 2009
      6. FERMA: 2002
      7. BS 31100: 2008
      8. An Expanded View of ISO 31000
      9. Notes
    9. Chapter Five: Risk and Performance Management
      1. Risk and Performance: Government
      2. Managing Risk to Performance
      3. An Expanded View of Strategic Risk Management
      4. Risk and Performance: Private Sector
      5. Standard & Poor’s ERM Analysis
      6. Notes
    10. Chapter Six: Building a Risk Culture
      1. Risk Culture Survey
      2. Notes
    11. Chapter Seven: ERM Maturity and Assessment
      1. ERM Maturity Models
      2. The Role of the Internal Auditor in ERM
      3. Case Study: The Public Safety Canada Audit of Integrated Risk Management
      4. Notes
    12. Chapter Eight: ERM Core Competencies
      1. ERM Core Competency Survey
      2. Summary of Survey Results
      3. Federal versus State and Local Government Views of ERM
    13. Chapter Nine: ERM Best Practices of Federal Agencies
      1. Ninety-Day Action Plan
      2. Sample Implementation Plan
      3. Words of Wisdom
    14. Chapter Ten: Conclusion
    15. Appendix: Index of Survey Questions and Responses
    16. About the Author
    17. Index
    18. End User License Agreement