Ask the Experts
Tools or templates are only as good as the information put into them and how effectively their outputs put the right information in front of the right people at the right time. During this session, attendees learned how federal ERM programs have developed and deployed tools to support their programs’ maturation. Organizations beginning their ERM journeys can learn what tools provided the greatest value to the ERM program and organizational leadership from the initial stages of ERM implementation, while organizations with mature ERM programs can hear how tools continue to support organizations in making risk-informed decisions.
This presentation provides a case study for operationalizing risk management in the grants world, and more generally at the sub-agency level. Those seeking to integrate risk management into their operations heard about project challenges and successes, key risk findings and recommendations, and considerations when taking on such a project. During the presentation, the speakers:
- Explained the context within which HRSA determined to launch such an ambitious study, and the questions faced in developing the project;
- Briefly walked through the tools developed to document and assess key risks and opportunities;
- Described the findings of the study and how ERM principles were applied; and
- Discussed the challenges and limitations faced with a risk management study of this kind.
In this 2018 Summit presentation… CIO’s lessons learned in leveraging ERM to mitigate cybersecurity risks, including:
- Innovative approaches for staying ahead of emerging risks
- Motivating a risk culture that promotes transparency
- Integrating risk monitoring with other entities (OIG, OMB, DHS, Board of Directors, others)
- Best practices for addressing (and mitigating) reputational risks
Speaker: Howard Whyte, Chief Information Officer (CIO) and Chief Privacy Officer (CPO), FDIC
Speaker: Ron Ross, NIST