Ask the Experts

Risk Management in the AI Era: Navigating the Opportunities and Challenges of AI Tools in the Public Sector

Artificial Intelligence (AI) has moved into the mainstream of businesses and government.

Business leaders are rushing to take advantages of the benefits that can be brought to a wide array of industries to help increase productivity. Government leaders are also moving forward, but with appropriate caution. When considering the use and application of AI related technologies, government leaders weigh different factors than their private sector counterparts. Whether it is deploying self-driving electric trolleys in a city or retrofitting city streetlights with sensors to make them “smarter,” these leaders must address issues of accountability, transparency, ethics, equity, common good, effectiveness, efficiency, managerial capacity, and political legitimacy.

The report authors put forth a threefold strategy to assist government leaders and public managers with how best to approach using AI, which includes:

  • reviews of prior federal government studies on the use and application of AI. These reports reflect a number of important issues for agencies and stakeholders to consider as they begin incorporating AI; the studies also highlight the government’s broad risk management approach to AI
  • a risk management framework for when and how government can and should consider using AI tools, how to use these tools, and which organizational tasks and decisions may benefit from the use of AI
  • case studies of two innovative uses of AI tools to help manage risks from local governments: the City of Syracuse, New York, and the City of Bryan, Texas.

The authors close with a list of practical guidelines for government action in using AI tools to improve the overall quality of governance, while incorporating similar tools into their overall risk management strategy.

Decision Making Framework — Risk Acceptance Form and Tool (RAFT)

The purpose of this form is to provide a consistent framework for the Service that can be leveraged within a unit’s existing governance or management approval processes to clearly document business decisions in the context of risk appetite and/or acceptance. This document can be used in various ways, including the following:

1) a framework to assess various options in making decisions for achievement of objectives,

2) a guide to articulate rationale behind those decisions within the context of risk appetite, and

3) a documentation trail to support these business decisions. Refer to the end of this document for instructions and additional guidance regarding use of the tool.

Getting Ahead of Risks Before They Become Government Failures

An Imperative for Agency Leaders to Embrace Enterprise Risk Management

Several recent reports and studies have detailed a range of worsening trends and developments that are creating an increased risk for significant government failure. Many of the reports offer recommendations for action by Congress and the Administration. However, they do not go as far to suggest and recognize what agency leaders can do, and in many cases are doing, to help address these challenges. This paper, from the Senior Executives Association (SEA) and the Association for Federal Enterprise Risk Management (AFERM), aims to highlight how agency leaders can use enterprise risk management to reduce the risk of government failure while increasing the likelihood for the successful delivery of agency missions.

Summary of April 2018 ERM Workshop: Beyond Compliance, Driving Organizational Value

On April 16, 2018, the Association of Government Accountants (AGA) and the Association for Federal Enterprise Risk Management (AFERM) held the second annual enterprise risk management (ERM) workshop with federal government professionals. This workshop provided an opportunity for over 150 professionals to hear ERM thought leadership from senior government leaders and discuss with their colleagues how ERM can, and is, driving organizational value and enhancing performance. This summary report shares the information discussed during this workshop.

ERM: Getting Everyone on Board without Sinking the Ship – 2018

In this 2018 Summit presentation… Successful ERM programs drive a cultural change that increases risk-awareness and transparency to inform risk-based decision making throughout the organization. Learn about the 10 building blocks of risk leader success, targeted risk communications, and other leading ERM practices from thought leaders in academia and non-profit sectors.

Speakers: Chris Mandel, Sedgwick Institute; Mahesh Joshi, GMU; Joe Pugh, AARP

Techniques, Templates, and Toolkits in a Flash! – 2018

In this 2018 Summit presentation… Technology, tools, and templates should be seen as accelerators for a sound Enterprise Risk Management (ERM) framework, not a substitute. As with most other aspects of ERM implementation, the tools and templates developed and deployed by an ERM program should follow a maturity model approach and be customized to an organization. 

Tool or templates are only as good as the information input and how effectively their outputs put the right information in front of the right people at the right time. During this session, attendees learned how federal ERM programs have developed and deployed tools to support their programs’ maturation. Organizations beginning their ERM journeys can learn what tools provided the greatest value to the ERM program and organizational leadership from the initial stages of ERM implementation. While organizations with mature ERM programs can hear how tools continue to support organizations in making risk-informed decisions.

Speakers: Doug Clift, Census Bureau; Greg Keith, Ginnie Mae; Jason Leecost, Ginnie Mae; Debra Elkins, HHS

Effective Integration of ERM and Internal Control – 2018

In this 2018 Summit presentation… OMB Circular A-123 requires Federal agencies to integrate their ERM and internal controls activities. In this session, the Enterprise Risk Management Officer and Director of Internal Controls for the National Institute of Standards and Technology (NIST) shared their experiences and the progress they’ve made toward this goal. The speakers described NIST’s ERM-Internal Controls Integration Framework, NIST’s new Audit Subcommittee, and lessons learned.

Speakers: Nahla Ivy, NIST; April Szuchyt, NIST