This Checklist was discussed during the 2022 ERM Summit Session: ERM Audit Ready. The purpose of this exercise is to analyze the agency’s ERM capabilities as they relate to the CIGIE Inspectors General Guide to Assessing Enterprise Risk Management to more thoroughly assess capabilities and identify areas of focus for future development. Accomplishments and assessments should be considered on a combination of factors, including the agency’s risk profile, risk register, maturity model(s), as well as a SWOT analysis which may be done as part of the ERM team’s annual assessment.
Ask the Experts
This tool was discussed during the 2022 ERM Summit Session: ERM Audit Ready. The purpose of PART is to foster discussion about programs and/or processes subject to audit and identify opportunities for improvement before an audit begins. The use of the PART can assist management in fulfilling its responsibility for monitoring their internal controls and evaluating the results to ensure they are operating effectively.
The RIMS Strategic and Enterprise Risk Center presents: 2022 Melissa Reynard Director of ERM at the Internal Revenue Service
In November 2021, RIMS presented the Internal Revenue Service with the society’s 2021 ERM Global Award of Distinction. The IRS was honored for its progress in anticipating emerging risks, the steps it took to create a more risk-aware culture, and ultimately developing an ERM structure to enhance risk sharing and strategic decision-making.
The honor was well deserved, as so much needed to be accomplished and implemented against the backdrop of an extended government shutdown, sweeping tax reforms and significant operational disruptions within the IRS itself caused by the COVID-19 pandemic. The government agency’s ERM program assisted its resilience amidst mounting uncertainties and vulnerabilities.
To learn more about the ERM program, we met with Melissa Reynard, director of ERM at the IRS, who was on site to receive the award at the RIMS ERM Conference 2021. Reynard has served in the position since January 2020, and previously was a senior risk advisor in the IRS Office of the Chief Risk Officer, a role she assumed in 2014.
Tips for Raising Risk Awareness at Your Agency
The Risk Awareness Toolkit for Federal Risk Practitioners is part of an ongoing collaboration between risk management professionals from the Enterprise Risk Management Community of Practice (ERM CoP), Association for Federal Enterprise Risk Management (AFERM), and AFERM Small Agency Community of Practice (SACoP). This document provides several tips for raising risk awareness and will expand in the future to contain examples and lessons learned from agencies’ successful risk awareness campaigns. Federal risk management practitioners are encouraged to leverage these tips and future examples, customizing them to align with their agency’s culture, norms, and other characteristics.
View Session Recording
Speakers: Michael Bondar, Deloitte & Touche LLP
Cynthia Vitters, Deloitte & Touche LLP
Reputational Risk and the Future of Trust: Using TrustIQ to Understand and Enhance Trust in Your Organization Deloitte understands that in today’s hyper-connected world, your organization’s reputation will drive your planning, strategy and purpose. Trust and reputation are inextricably linked, with trust being the foundation of all meaningful relationships between an entity and its various stakeholders at both the individual and organizational levels. A nice-to-have is now a must-have; a principle is now a catalyst; a value is now invaluable. In this session Deloitte’s Future of Trust practice will provide a demonstration of TrustIQ, a data-driven solution that assesses both internal and external perceptions of levels of trust in your organization. We will explore the various domains of trust, how to anticipate risks to your reputation before they manifest, and how to take action to enhance and build trust with your stakeholders.
This software demonstration/tour will highlight one of the hallmarks of rPM3 Solutions’ Aperitisoft™ software – its versatility. Using inherent features and easy user configuration, the software can support a wide range of different assessment applications. Clients are currently using Aperitisoft™ to assess information security posture (NIST & ISO 27001), environmental risk assessments (ISO 14000), project risk assessments, credit risk assessments, compliance assessments, and others. The software can also support third party risk assessments, health and safety assessments and risk-based selection of program / functional area audits.
During this session, Gary Bierc and Ken Fletcher demonstrate the versatility of the system configured to conduct a simple operational programs assessment using a set of basic criteria and automated assessment scoring.
View Session Recording
Speaker: Alyssa Lokits, Archer
This software demonstration/tour will show you how to manage you’re OMB A-123 requirements using rPM3 Solutions’ Aperitisoft™ software solution. This feature rich software was purpose-built to support ERM practitioners and logically structured to mirror the ERM process. A built-in survey tool supports risk identification, developing likelihood and impact factors, and risk evaluation and is easily tailored to meet your specific needs and unique requirements. The survey feature supports polling, interviews, and workshops, and simplifies collecting, compiling, and manipulating risk assessment information. Intuitive forms for entering information guide users through the ERM process from setting the context and risk identification through risk response planning & monitoring (including KRIs and linking to controls). Every aspect of your ERM process is captured in Aperitisoft™, so you won’t need to use excel spreadsheets or other Office suite products to get the job done.
In this session, Gary Bierc and Ken Fletcher will demonstrate how to use the software to conduct an agency strategic risk assessment.
View Session Recording
Speaker: Kate Sylvis, Guidehouse