Creating a Culture of Risk Management in the IRS

The RIMS Strategic and Enterprise Risk Center presents: 2022 Melissa Reynard Director of ERM at the Internal Revenue Service

In November 2021, RIMS presented the Internal Revenue Service with the society’s 2021 ERM Global Award of Distinction. The IRS was honored for its progress in anticipating emerging risks, the steps it took to create a more risk-aware culture, and ultimately developing an ERM structure to enhance risk sharing and strategic decision-making.

The honor was well deserved, as so much needed to be accomplished and implemented against the backdrop of an extended government shutdown, sweeping tax reforms and significant operational disruptions within the IRS itself caused by the COVID-19 pandemic. The government agency’s ERM program assisted its resilience amidst mounting uncertainties and vulnerabilities.

To learn more about the ERM program, we met with Melissa Reynard, director of ERM at the IRS, who was on site to receive the award at the RIMS ERM Conference 2021. Reynard has served in the position since January 2020, and previously was a senior risk advisor in the IRS Office of the Chief Risk Officer, a role she assumed in 2014.

Download the Interview

Risk Management in the AI Era: Navigating the Opportunities and Challenges of AI Tools in the Public Sector

Artificial Intelligence (AI) has moved into the mainstream of businesses and government.

Business leaders are rushing to take advantages of the benefits that can be brought to a wide array of industries to help increase productivity. Government leaders are also moving forward, but with appropriate caution. When considering the use and application of AI related technologies, government leaders weigh different factors than their private sector counterparts. Whether it is deploying self-driving electric trolleys in a city or retrofitting city streetlights with sensors to make them “smarter,” these leaders must address issues of accountability, transparency, ethics, equity, common good, effectiveness, efficiency, managerial capacity, and political legitimacy.

The report authors put forth a threefold strategy to assist government leaders and public managers with how best to approach using AI, which includes:

  • reviews of prior federal government studies on the use and application of AI. These reports reflect a number of important issues for agencies and stakeholders to consider as they begin incorporating AI; the studies also highlight the government’s broad risk management approach to AI
  • a risk management framework for when and how government can and should consider using AI tools, how to use these tools, and which organizational tasks and decisions may benefit from the use of AI
  • case studies of two innovative uses of AI tools to help manage risks from local governments: the City of Syracuse, New York, and the City of Bryan, Texas.

The authors close with a list of practical guidelines for government action in using AI tools to improve the overall quality of governance, while incorporating similar tools into their overall risk management strategy.

Getting Ahead of Risks Before They Become Government Failures

An Imperative for Agency Leaders to Embrace Enterprise Risk Management

Several recent reports and studies have detailed a range of worsening trends and developments that are creating an increased risk for significant government failure. Many of the reports offer recommendations for action by Congress and the Administration. However, they do not go as far to suggest and recognize what agency leaders can do, and in many cases are doing, to help address these challenges. This paper, from the Senior Executives Association (SEA) and the Association for Federal Enterprise Risk Management (AFERM), aims to highlight how agency leaders can use enterprise risk management to reduce the risk of government failure while increasing the likelihood for the successful delivery of agency missions.

ERM in Government Textbook: “Enterprise Risk Management: A Guide for Government Professionals”

Enterprise Risk Management: A Guide for Government Professionals is a practical guide to all aspects of risk management in government organizations at the federal, state, and local levels. Written by Dr. Karen Hardy, one of the leading ERM practitioners in the federal government, the book features a no-nonsense approach to establishing and sustaining a formalized risk management approach, aligned with the ISO 31000 risk management framework. International Organization for Standardization guidelines are explored and clarified, and case studies illustrate their real-world application and implementation in US government agencies. Tools, including a sample 90-day action plan, sample risk management policy, and a comprehensive implementation checklist allow readers to immediately begin applying the information presented.

The book also includes results of Hardy’s ERM Core Competency Survey for the Public Sector; which offers an original in-depth analysis of the Core Competency Skills recommended by federal, state and local government risk professionals. It also provides a side-by-side comparison of how federal government risk professionals view ERM versus their state and local government counterparts.

Enterprise Risk Management provides actionable guidance toward creating a solid risk management plan for agencies at any risk level. The book begins with a basic overview of risk management, and then delves into government-specific topics including:

  • U.S. Federal Government Policy on Risk Management
  • Federal Manager’s Financial Integrity Act
  • GAO Standards for internal control
  • Government Performance Results Modernization Act

The book also provides a comparative analysis of ERM frameworks and standards, and applies rank-specific advice to employees including Budget Analysts, Program Analysts, Management Analysts, and more. The demand for effective risk management specialists is growing as quickly as the risk potential. Government employees looking to implement a formalized risk management approach or in need of increasing their general understanding of this subject matter will find Enterprise Risk Management a strategically advantageous starting point.

Order Online

Why ‘complete ERM’ is a myth

A CGMA Magazine article by Neil Amato. Risk oversight has grown in importance among all types of organisations this decade, but some of the gains can be attributed to public companies responding to US Securities and Exchange Commission (SEC) rules related to risk disclosures…

View Article Online

AGA Research Series: An Agency Guide for ERM Implementation

This AGA guide seeks to answer questions about: why ERM, how to integrate ERM into an agency’s culture and ways of doing business, and the value of ERM.

The guide is organized as follows:

  • Section I introduces ERM.
  • Section II discusses the design options for adding ERM to an agency’s processes. There is no one-size-fits-all. Rather, ERM can be viewed as a management tool that, to provide its benefits, requires a good organizational home and integration into other agency processes such as strategic planning, budgeting, and decision making.
  • Section III offers approaches to establishing the ERM function. ERM depends on widespread understanding of its benefits, and this section discusses how that can be achieved in an agency.
  • Section IV discusses the implementation of ERM and how all organizational components – agency managers and staff, the CRO, the risk committeerisk management committee, and especially agency leaders – fit together to make ERM a beneficial reality rather than merely an empty compliance exercise.
  • Finally, Section V concludes with observations about why ERM is such a powerful tool and how it differs from more traditional management approaches.
Download