Risk management is a coordinated activity to communicate, direct and control challenges to agency goals and objectives. ERM risk profiles should capture A-123 risk and control objective assessments, including risks related to cybersecurity. This presentation, developed by executives with the National Science Foundation (NSF), was presented at AFERM’s March 2018 Small Agency Community of Practice (SACoP) meeting. It includes information related to FISMA and Financial Statement audit evaluations, IG management challenges, and cybersecurity risk management.
SACoP Presentation: Enterprise Risk Management (ERM) and Cybersecurity
Disclaimer of Warranty; Due Diligence. The resources and associated files are being offered "as is," and AFERM and the contributing authors disclaim all warranties of quality, whether express or implied, including the warranties of merchantability and fitness for a particular purpose. The resource content recipient acknowledges that it has not been induced by any statements or representations of any person with respect to the quality or condition of the resource and associated files and that no such statements or representations have been made.
Limitation of Liability. Neither AFERM, its officers, directors, employees, agents, or contractors nor any contributing authors will be liable for any indirect, special, consequential, or punitive damages (including lost profits) arising out of or relating to these resources and associated files (whether for breach of contract, tort, negligence, or other form of action) and irrespective of whether AFERM or the contributing authors have been advised of the possibility of any such damage.