Ask the Experts
Speakers: Mike Frueh, Deputy Assistant Secretary, Office of Enterprise Integration, Department of Veterans Affairs
Larry Koskinen, CRO, Department of Housing and Urban Development
Mick Reed, VF Corporation
Kate Kraycirik, Director, Enterprise Risk Management, MD Anderson
Moderator: Chris Hare, Ernst & Young
While the tools in the ERM playbook are helpful in gathering information on risk and then prioritizing risk, often a more fruitful examination of cross-functional risk may be accomplished through gaming, experimentation, or scenario-based planning. These techniques involve examining/walking through a given scenario (or set of scenarios) with pertinent organizational stakeholders, employing various methodologies to frame the problem and provide as much (or as little) structure, as needed. The scenario may be supported by technology (gaming tools, Google maps with data overlays, etc.) however the keys to success is having a facilitation team, skilled in expert elicitation, guiding the discussion, capturing the interchanges, then analyzing the results to assess and prioritize potential outputs to better inform risk management.
Speaker: David Fisher, Guidehouse
Safeguarding the security and privacy of sensitive customer data has become a business critical requirement. Unfortunately, most struggle to effectively prioritize among the myriad cyber risks and to make a persuasive business case for mitigation, due to an inability to quantify cyber risks and a lack of a value-based ERM approach to cyber risk management. In this session, we discuss the cybersecurity and data privacy threat landscape and how a value-based ERM approach is used to identify and mitigate the key cyber risks and help a CISO align their priorities within the ERM program.
This Resource has been removed due to a citation error.
What are benefits of pursuing enterprise risk management? How can risk management enhance agency decision-making? What is the mission of the Association for Federal Enterprise Risk Management (AFERM)? Join host Michael Keegan as he explores these questions and more with our very special guest, Tom Brandt, Chief Risk Officer, at the US Internal Revenue Service (IRS).
Artificial Intelligence (AI) has moved into the mainstream of businesses and government.
Business leaders are rushing to take advantages of the benefits that can be brought to a wide array of industries to help increase productivity. Government leaders are also moving forward, but with appropriate caution. When considering the use and application of AI related technologies, government leaders weigh different factors than their private sector counterparts. Whether it is deploying self-driving electric trolleys in a city or retrofitting city streetlights with sensors to make them “smarter,” these leaders must address issues of accountability, transparency, ethics, equity, common good, effectiveness, efficiency, managerial capacity, and political legitimacy.
The report authors put forth a threefold strategy to assist government leaders and public managers with how best to approach using AI, which includes:
- reviews of prior federal government studies on the use and application of AI. These reports reflect a number of important issues for agencies and stakeholders to consider as they begin incorporating AI; the studies also highlight the government’s broad risk management approach to AI
- a risk management framework for when and how government can and should consider using AI tools, how to use these tools, and which organizational tasks and decisions may benefit from the use of AI
- case studies of two innovative uses of AI tools to help manage risks from local governments: the City of Syracuse, New York, and the City of Bryan, Texas.
The authors close with a list of practical guidelines for government action in using AI tools to improve the overall quality of governance, while incorporating similar tools into their overall risk management strategy.