This Federal Enterprise Risk Management (ERM) Maturity Model was developed by OMB and a pilot group of federal agencies and is included in the latest edition of the ERM Playbook.Download the Model
Risk Beyond 2022
David R. Koenig, President and CEO of the DCRO Institute from United States of America, delivers his insights on how to deal with the challenging environments we are currently facing. Risk Beyond International Conference 2022 is Asia’s premiere Risk Management conference, designed to provide governance, risk, and compliance practitioners around the world an extensive insight into various GRC issues that organizations face while cultivating shifted perceptions.
OMB Memo: Appendix D, Management of Financial Management Systems – Risk and Compliance
The Executive Office of the President, Office of Management and Budget issued this memo for the heads of executive departments and agencies that emphasizes Management’s Responsibility for Enterprise Risk Management and Internal Controls.Download the Memo
2022 OIG’s Top Unimplemented Recommendations: Solutions To Reduce Fraud, Waste, and Abuse in HHS Programs
The OIG’s Top Unimplemented Recommendations: Solutions To Reduce Fraud, Waste, and Abuse in HHS Programs is an annual publication of the Department of Health and Human Services, Office of Inspector General. In this edition, they focus on the top 25 unimplemented recommendations that, in OIG’s view, would most positively affect HHS programs in terms of cost savings, program effectiveness and efficiency, and public health and safety if implemented.Download the Checklist
U.S. Office of Government Ethics (OGE) Strategic Plan
The Orange Book 2020
In successful organisations, risk management enhances strategic planning and prioritisation, assists in achieving objectives and strengthens the ability to be agile to respond to the challenges faced. If we are serious about meeting objectives successfully, improving service delivery and achieving value for money, risk management must be an essential and integral part of planning and decision-making. While risk practices have improved over time across government, the volatility, complexity and ambiguity of our operating environment has increased, as have demands for greater transparency and accountability for managing the impact of risks. This updated guidance builds on the previous Orange Book to help improve risk management further and to embed this as a routine part of how we operate.
CFOC: DATA Act of 2014 – “Data Quality Playbook”
OMB Circular A-123, Appendix A (June 6, 2018)
Grounded in the President’s Management Agenda, this guidance will:
• Provide agencies the discretion needed to use Enterprise Risk Management and take a risk-based approach to internal controls over reporting;
• Eliminate over 100+ pages of burden and obsolete, overly prescriptive guidance to agencies; and,
• Supersede previous OMB guidance that may have provided a confusing foundation for audit criteria externally.
DHS HQ Risk Lexicon
This is the second edition of the Department of Homeland Security (DHS) Risk Lexicon and represents an update of the version published in September 2008. More than seventy terms and definitions were included in the first edition of the DHS Risk Lexicon. The 2010 edition includes fifty new terms and definitions in addition to revised definitions for twenty-three of the original terms. It was produced by the DHS Risk Steering Committee (RSC). The RSC, chaired by the Under Secretary for the National Protection and Programs Directorate and administered by the Office of Risk Management and Analysis (RMA), has produced a DHS Risk Lexicon with definitions for terms that are fundamental to the practice of homeland security risk management and analysis.
The RSC is the risk governance structure for DHS, with membership from across the Department, formed to leverage the risk management capabilities of the DHS Components and to advance Departmental efforts toward integrated risk management. The DHS Risk Lexicon makes available a common, unambiguous set of official terms and definitions to ease and improve the communication of risk-related issues for DHS and its partners. It facilitates the clear exchange of structured and unstructured data that is essential to the exchange of ideas and information amongst risk practitioners by fostering consistency and uniformity in the usage of risk-related terminology for the Department. The RSC created the Risk Lexicon Working Group (RLWG) to represent the DHS risk community of interest (COI) in the development of a professional risk lexicon. The RLWG’s risk lexicon development and management process is in accordance with the DHS Lexicon Program. Terms, definitions, extended definitions, annotations, and examples are developed through a collaborative process that is open to all DHS Components.
Definitions are validated against glossaries used by other countries and professional associations. Terms, definitions, extended definitions, annotations, and examples are then standardized grammatically according to the conventions of the DHS Lexicon Program. All terms in the DHS Risk Lexicon were completed using this process and represent the collective work of the DHS risk COI. The DHS Risk Lexicon terms and definitions will be included as part of the DHS Lexicon, and future additions and revisions will be coordinated by the RSC and RLWG in collaboration with the DHS Lexicon Program.
ERM: A Private Sector View — Members Only
Are you a member?
Not a member?