2022 OIG’s Top Unimplemented Recommendations: Solutions To Reduce Fraud, Waste, and Abuse in HHS Programs

The OIG’s Top Unimplemented Recommendations: Solutions To Reduce Fraud, Waste, and Abuse in HHS Programs is an annual publication of the Department of Health and Human Services, Office of Inspector General. In this edition, they focus on the top 25 unimplemented recommendations that, in OIG’s view, would most positively affect HHS programs in terms of cost savings, program effectiveness and efficiency, and public health and safety if implemented.

Download the Checklist

Pre-Audit Readiness Tool (PART)

This tool was discussed during the 2022 ERM Summit Session: ERM Audit Ready. The purpose of PART is to foster discussion about programs and/or processes subject to audit and identify opportunities for improvement before an audit begins. The use of the PART can assist management in fulfilling its responsibility for monitoring their internal controls and evaluating the results to ensure they are operating effectively. 

Download the Tool

Creating a Culture of Risk Management in the IRS

The RIMS Strategic and Enterprise Risk Center presents: 2022 Melissa Reynard Director of ERM at the Internal Revenue Service

In November 2021, RIMS presented the Internal Revenue Service with the society’s 2021 ERM Global Award of Distinction. The IRS was honored for its progress in anticipating emerging risks, the steps it took to create a more risk-aware culture, and ultimately developing an ERM structure to enhance risk sharing and strategic decision-making.

The honor was well deserved, as so much needed to be accomplished and implemented against the backdrop of an extended government shutdown, sweeping tax reforms and significant operational disruptions within the IRS itself caused by the COVID-19 pandemic. The government agency’s ERM program assisted its resilience amidst mounting uncertainties and vulnerabilities.

To learn more about the ERM program, we met with Melissa Reynard, director of ERM at the IRS, who was on site to receive the award at the RIMS ERM Conference 2021. Reynard has served in the position since January 2020, and previously was a senior risk advisor in the IRS Office of the Chief Risk Officer, a role she assumed in 2014.

Download the Interview

Risk Awareness Toolkit for Federal Risk Practitioners

 Tips for Raising Risk Awareness at Your Agency 

The Risk Awareness Toolkit for Federal Risk Practitioners is part of an ongoing collaboration between risk management professionals from the Enterprise Risk Management Community of Practice (ERM CoP), Association for Federal Enterprise Risk Management (AFERM), and AFERM Small Agency Community of Practice (SACoP). This document provides several tips for raising risk awareness and will expand in the future to contain examples and lessons learned from agencies’ successful risk awareness campaigns. Federal risk management practitioners are encouraged to leverage these tips and future examples, customizing them to align with their agency’s culture, norms, and other characteristics. 

Download the Toolkit

Using TrustIQ to Understand and Enhance Trust in Your Organization Virtual Demo – 2021

View Session Recording


Speakers: Michael Bondar, Deloitte & Touche LLP
Cynthia Vitters, Deloitte & Touche LLP

Reputational Risk and the Future of Trust: Using TrustIQ to Understand and Enhance Trust in Your Organization Deloitte understands that in today’s hyper-connected world, your organization’s reputation will drive your planning, strategy and purpose. Trust and reputation are inextricably linked, with trust being the foundation of all meaningful relationships between an entity and its various stakeholders at both the individual and organizational levels. A nice-to-have is now a must-have; a principle is now a catalyst; a value is now invaluable. In this session Deloitte’s Future of Trust practice will provide a demonstration of TrustIQ, a data-driven solution that assesses both internal and external perceptions of levels of trust in your organization. We will explore the various domains of trust, how to anticipate risks to your reputation before they manifest, and how to take action to enhance and build trust with your stakeholders.

Demonstrating Aperitisoft™ Versatility Virtual Demo – 2021

View Session Recording


Speakers: Gary Bierc, rPM3 Solutions
Ken Fletcher, Kestrel Hawk Consulting

This software demonstration/tour will highlight one of the hallmarks of rPM3 Solutions’ Aperitisoft™ software – its versatility. Using inherent features and easy user configuration, the software can support a wide range of different assessment applications. Clients are currently using Aperitisoft™ to assess information security posture (NIST & ISO 27001), environmental risk assessments (ISO 14000), project risk assessments, credit risk assessments, compliance assessments, and others. The software can also support third party risk assessments, health and safety assessments and risk-based selection of program / functional area audits.

During this session, Gary Bierc and Ken Fletcher demonstrate the versatility of the system configured to conduct a simple operational programs assessment using a set of basic criteria and automated assessment scoring.

Tackling OMB A 123 with Aperitisoft Virtual Demo – 2021

View Session Recording


Speaker: Gary Bierc, rPM3 Solutions
Ken Fletcher, Kestrel Hawk Consulting

This software demonstration/tour will show you how to manage you’re OMB A-123 requirements using rPM3 Solutions’ Aperitisoft™ software solution. This feature rich software was purpose-built to support ERM practitioners and logically structured to mirror the ERM process. A built-in survey tool supports risk identification, developing likelihood and impact factors, and risk evaluation and is easily tailored to meet your specific needs and unique requirements. The survey feature supports polling, interviews, and workshops, and simplifies collecting, compiling, and manipulating risk assessment information. Intuitive forms for entering information guide users through the ERM process from setting the context and risk identification through risk response planning & monitoring (including KRIs and linking to controls). Every aspect of your ERM process is captured in Aperitisoft™, so you won’t need to use excel spreadsheets or other Office suite products to get the job done.

In this session, Gary Bierc and Ken Fletcher will demonstrate how to use the software to conduct an agency strategic risk assessment.