Enterprise Risk Management for the Federal Government - PowerPoint PPT Presentation

1 / 25
About This Presentation
Title:

Enterprise Risk Management for the Federal Government

Description:

Title: DFAS Professional Presentation Master Author: JOE_HATCHER Last modified by: DFAS DMI Created Date: 5/26/2006 2:19:02 PM Document presentation format – PowerPoint PPT presentation

Number of Views:132
Avg rating:3.0/5.0
Slides: 26
Provided by: JOEH96
Category:

less

Transcript and Presenter's Notes

Title: Enterprise Risk Management for the Federal Government


1
Enterprise Risk Management for the Federal
Government Wheres the Value?
  • Donna Davis
  • Defense Finance and Accounting Service
  • June 2010

2
Agenda
  • ERM - Wheres the Value?
  • Putting the COSO Framework to Work in the Federal
    Sector
  • Event Identification
  • Risk Assessment
  • Risk Response
  • Control Activities
  • Information and Communication
  • Monitoring
  • Some Pitfalls to be Wary of
  • A Gallery of Tools and Techniques

3
ERM in the Federal Government Wheres the Value
  • Three Parts of Business
  • Objective
  • Risk
  • Controls

4
ERM in the Federal Government Wheres the Value
  • Three Parts of Business
  • Objective what you are trying to accomplish

Not For Profit To achieve a mission or objective
while protecting assets. Achieve goals and
objectives for resources expended. Focus on
effectiveness.
For Profit To maximize shareholder wealth or, in
the case of a corporation, to maximize the value
of the firm as measured by stock price. Realize
a benefit from resources expended. Focus on
efficiency.
5
ERM in the Federal Government Wheres the Value
  • Three Parts of Business
  • Objective what you are trying to accomplish
  • Risk the barrier that will stop you from
    accomplishing the objective

Not For Profit Avoid Risk seeking safest path to
mission achievement. Measure Impact of Risk on
Goals and Objectives.
For Profit Seek Risk as a means for expanding
market value. Measure Value at Risk.
6
ERM in the Federal Government Wheres the Value
  • Three Parts of Business
  • Objective what you are trying to accomplish
  • Risk the barrier that will stop you from
    accomplishing the objective
  • Controls the action that will remove or
    diminish the risk

Not For Profit Affect controls to assure
compliance, accountability, effectiveness/efficien
cy, reliability of reported data and safeguarding
assets.
For Profit Affect controls for the purpose of
minimizing loss.
7
ERM in the Federal Government Wheres the Value
  • What Do We Want From the Business of
    Government?
  • To be Affordable and Efficient
  • To be Effective
  • To provide Quality Service
  • To be Dependable

8
ERM in the Federal Government Wheres the Value
  • What Do We Want From the Business of Government?
  • To be Affordable and Efficient
  • To be Effective
  • To provide Quality Service
  • To be Dependable
  • So
  • We need to be able to achieve the established
    mission in order to retain the confidence of our
    funders.
  • We need to provide value for our services.
  • Bottom Line
  • We need to meet our objectives and protect
    our assets, including intangible ones such as
    reputation.

9
ERM in the Federal Government Wheres the Value
  • What Value does ERM Provide?
  • Supports Governments Governance Responsibilities
  • Improves Results
  • Strengthens Accountability
  • Enhances Stewardship

10
ERM in the Federal Government Wheres the Value
  • How does ERM support Governments Governance
    Responsibilities?
  • By ensuring that significant risk areas
    associated with polices, plans, programs and
    operations are identified and assessed.
  • By ensuring that appropriate measures are in
    place to address unfavorable impacts and to
    benefit from opportunities.

11
ERM in the Federal Government Wheres the Value
  • How does ERM Improve Results ?
  • Through more informed decision-making and by
    ensuring that values, competencies, tools, and a
    supportive environment form the foundation for
    innovation and responsible risk-taking.
  • By encouraging learning from experience while
    respecting parliamentary controls.

12
ERM in the Federal Government Wheres the Value
  • How does ERM Strengthen Accountability?
  • By demonstrating that levels of risk
    associated with policies, plans, programs and
    operations are explicitly understood.
  • By facilitating the optimum balance in risk
    management measures and stakeholder interests.

13
ERM in the Federal Government Wheres the Value
  • How does ERM Enhance Stewardship?
  • By strengthening public service capability to
    safeguard people, government property and
    interests through increased insight to the
    potential impact of abnormal events.

14
Putting the COSO Framework to Work in the Federal
Sector
DFAS-ization of COSO
15
Putting the COSO Framework to Work in the Federal
Sector
DFAS alignment to the Risk Components ensures a
robust program and strengthens compliance with
the GAO Standards for Internal Control.
16
Putting the COSO Framework to Work in the Federal
Sector
DFAS expanded the Risk Management Objectives to
address data security concerns and general
auditing standards.
17
Putting the COSO Framework to Work in the Federal
Sector
Stratification across business units and at every
level of the organization was applied to enable
accurate reflection of the interrelationships of
risks and create a common taxonomy for business
activities.
18
Putting the COSO Framework to Work in the Federal
Sector
We are actually finding this layer adds little
value as we evolve the program.
Stratification across business units and at every
level of the organization was applied to enable
accurate reflection of the interrelationships of
risks and create a common taxonomy for business
activities.
19
Some Pitfalls to be Wary of
Trying to risk manage EVERYthing
Just focusing on financial risks
An obsession with internal controls an inward
looking limitation
20
A Gallery of Tools and Techniques
  • Agency Mission and Functions Manual
  • Provides the business objectives
  • COSO Framework
  • Identifies a comprehensive view of the elements
    of a robust ERM
  • A Catchy Logo
  • CARES covers the five Risk Management
    Objectives DFAS assesses

Compliant Accountable Reliable
Accurate Effective Efficient Safeguarded
Auditors Lenses
21
A Gallery of Tools and Techniques
  • SIPOC Model
  • Guides process mapping through a complete end to
    end review of the factors impacting the business
    activity

22
A Gallery of Tools and Techniques
  • IDEF Model
  • Denotes the role of compliance/regulations/control
    s in the business activity
  • Denotes the role of the supporting mechanisms for
    the business activity

Integration DEFinition Model
23
A Gallery of Tools and Techniques
  • Risk Identification Questionnaire
  • Facilitates comprehensive and consistent
    assessment of potential risks

Courtesy of Brian Williams
24
A Gallery of Tools and Techniques
  • Process Map Narrative
  • For business processes
  • For Information Systems data flow

25
End
  • Questions?
Write a Comment
User Comments (0)
About PowerShow.com