A recent FAA initiative spanning 14 months, involved a change management effort to build a three-year organizational strategy while applying evidence-based management practices in alignment with the Federal Data Strategy and the Evidence Act. Increasing the rigor behind data collection and analysis cannot be left to the “research arm” of the organization. Risk data, risk information and risk knowledge are not synonymous concepts yet are often used as such. Informed executive decision-making means sorting through the evidence derived from the four primary sources to moderate strategic conversations and prioritize measurable activities. The result can be improved organizational outcomes in service to the American public. This presentation will cover the framework of the approach and those lessons learned offering value to federal colleagues and their ERM efforts. A White Paper is available, titled Improving Strategic Outcomes with Evidence-Based Management: An FAA Experience.

Ashley Zink, the Commonwealth of Pennsylvania’s Chief Risk Officer and Special Assistant to the Chief Accounting Officer, and Stephen Skardon, the City of Chicago’s Chief Risk Officer, will provide observations on risk management as embedded in successfully addressing key pillars of their mission such as accountability, civic engagement, diversity and inclusion, efficient budgeting, equity, government integrity and ethics, transformation, and transparency.

This session will presents 3 experts that have hands-on experience implementing technology solutions in support of their risk management objectives. The dialogue will be presented in the form of questions from the moderator and answers from the panel experts. The questions and answers will touch on all three Summit tracks with a primary focus on Delivering Value to Decisionmakers through technology.

The Presidents Panel discusses the evolution of Federal ERM, the differences between implementation of ERM in the Federal Space and Commercial Space and resulting lessons learned and best practices, and the future of ERM including the relationship between federal agencies and GAO, OMB, etc.

Hear from Brenda Boultwood on how the IMF is aligning ERM with the broader enterprise objectives beyond traditional compliance and operational areas.

Inevitably, agency ERM offices will receive a knock on the door and find that the IG or GAO has arrived to initiate an audit of the ERM program. To avoid being caught unprepared for the eventual audit, there are steps ERM teams can take to become “audit-ready.” In this session, we’ll share several tools, techniques and actions that can be deployed by ERM teams to assess a program’s overall level of audit readiness, identify gaps, and pinpoint opportunities for shoring up your preparedness now. Topics to be covered include: Using a Pre-Audit Readiness Assessment Tool (PART), Considering the CIGIE ERM Practitioner’s Guide for IGs, Leveraging Maturity/Capability Models, Proactively Communicating/Engaging with the IG, and more.

Reputational Risk and the Future of Trust: Using TrustIQ to Understand and Enhance Trust in Your Organization Deloitte understands that in today’s hyper-connected world, your organization’s reputation will drive your planning, strategy and purpose. Trust and reputation are inextricably linked, with trust being the foundation of all meaningful relationships between an entity and its various stakeholders at both the individual and organizational levels. A nice-to-have is now a must-have; a principle is now a catalyst; a value is now invaluable. In this session Deloitte’s Future of Trust practice will provide a demonstration of TrustIQ, a data-driven solution that assesses both internal and external perceptions of levels of trust in your organization. We will explore the various domains of trust, how to anticipate risks to your reputation before they manifest, and how to take action to enhance and build trust with your stakeholders.

This software demonstration/tour will highlight one of the hallmarks of rPM3 Solutions’ Aperitisoft™ software – its versatility. Using inherent features and easy user configuration, the software can support a wide range of different assessment applications. Clients are currently using Aperitisoft™ to assess information security posture (NIST & ISO 27001), environmental risk assessments (ISO 14000), project risk assessments, credit risk assessments, compliance assessments, and others. The software can also support third party risk assessments, health and safety assessments and risk-based selection of program / functional area audits.

During this session, Gary Bierc and Ken Fletcher demonstrate the versatility of the system configured to conduct a simple operational programs assessment using a set of basic criteria and automated assessment scoring.