Modernizing ERM in Federal Agencies

Date: On Demand
Duration: 1 hour
Cost: No Fee

It’s been five years since the Office of Management and Budget mandated agencies establish a more holistic enterprise risk management focus. As it updated Circular A-123 in 2016, OMB introduced a governmentwide risk management program in an attempt to formalize this approach across the government.

Today agencies understand their risks, ranging from personnel to cybersecurity to the supply chain, in more and better ways than ever before. But by making better use of their data and technology, they can more rapidly help decision makers address and mitigate risks.

Dan Zitting, the CEO of Galvanize, said much of the progress over the last five years can be attributed to improved governance processes around risk management.

“I think these agencies are showing some really good progression toward best practices. I don’t always see that with government or commercial, as having quite that much clarity on having created these more broad ranging risk and governance committees. So I think that was really strong. It’s definitely a trend that way,” Zitting said on the discussion Modernizing ERM in Federal Agencies sponsored by Galvanize, a Diligent brand. “I think it’s stronger in certain industry verticals like banking, where this is a long time practice. But to see in these federal agencies stands out so much, I thought was a bit above average, quite frankly. And something that I encourage a lot of organizations to spend some more time thinking about.”

A survey by Federal News Network of six agencies found that there was no one-size fits all approach to governance. But each of the agencies who responded, which included the IRS, the U.S. Agency for International Development, the Nuclear Regulatory Commission, the Bureau of Fiscal Service, the Consumer Financial Protection Bureau and the Education Department’s Office of Federal Student Aid, highlighted the importance of applying cross-agency governance to improve their enterprise risk management.

Zitting credited OMB Circular A-123 for creating that accountability that led to the improved governance.

Driving that governance effort is, of course, data.

Zitting said survey respondents as well as other agencies are pushing hard to improve their analytics to create more quantified information for risk management.

“I thought there was some really good comments on things like, while we’re doing a better job of getting access to data and using data, it doesn’t always necessarily mean that we’ve translated the story of what that data is saying into something really meaningful and insightful,” he said. “I think that translation from hard, quantified data to a meaningful story and insight is the one that a lot of agencies struggle with. There wasn’t a lot of recognition about the use of more advanced data, in particular, using things like artificial intelligence and machine learning to perhaps identify or quantify things that we would not have thought to ask the question of your traditional analytics.”

One big challenge, Zitting said that is common across public and private sector organizations, is the ability to get the technical and mission folks to communicate more effectively.

“I think technology that is analyzing data and makes it more accessible to less technical people, but the kinds of folks who know the right questions to ask as really can really start help bridging that gap,” he said. “There are great cleansing tools that can help people in risk management or audit or other these kind of governance functions that can see what’s missing in the data and make recommendations. But I think the ultimate place for the agencies to get to is this idea of authoritative data lakes that that have been had been cleansed and having a data governance program that risk management can evaluate, rather than having to try and unwind what’s going on in the data themselves.”

Even with solid governance, cutting edge technology and authoritative data, Zitting said the final piece to this puzzle is the people. He said employees must have the skill sets to make enterprise risk management successful.

“I think we’re often times leaning really hard on the hope of kind of finding these unicorns that know everything about risk management, know everything about the technology, etc. That’s really hard,” he said. “Rather we need to think about how we build something that is more sustainable and that enables training for folks to grow into the more advanced use of technology, the more advanced techniques of risk management as we go. That’s a really big thing that I think is now starting to emerge as we all realize we need more people to fill these mandates like what A- 123 brings.”

Join moderator Jason Miller, Roth and Zitting as they discuss:

CFPB’s approach to risk management
Data and risk management
Resilience and the CFPB
Risk management priorities
Survey takeaways
Tools for a successful ERM program

Complimentary Registration
Please register using the form on this page or call (202) 895-5023. You may need to re-enter your registration information if you previously registered for this webinar and returned to page after clearing your cookies or using a private browser.

This program is sponsored by

By providing your contact information to us, you agree: (i) to receive promotional and/or news alerts via email from Federal News Network and our third party partners, (ii) that we may share your information with our third party partners who provide products and services that may be of interest to you and (iii) that you are not located within the European Economic Area.

Marianne Roth is the Chief Risk Officer at the Consumer Financial Protection Bureau (CFPB). Since January 2017, she has been responsible for creating an ERM program and managing an agency-wide approach to risk management.

Previously, Marianne served as the Branch Manager for Enterprise Risk Management within the Office of the Chief Risk Officer in the Transportation Security Administration (TSA), U.S. Department of Homeland Security. In this role, she oversaw all ERM activities at TSA and led the agency in its efforts to significantly mature its ERM program. TSA’s ERM program was recognized by GAO in its report titled ENTERPRISE RISK MANAGEMENT: Selected Agencies’ Experiences Illustrate Good Practices in Managing Risk.

Marianne was the Director of the DHS Efficiency Review (DHS ER) in the Office of the Secretary, U.S. Department of Homeland Security (DHS). She was responsible for managing a Department-wide program to improve DHS operations by reducing costs, streamlining processes, eliminating duplication, and increasing communication and collaboration. Marianne oversaw the implementation of 46 DHS ER initiatives across the Department and identified more than $4 billion in cost avoidances. The DHS ER was recognized by Vice President Biden as a model program for all federal agencies and was recognized by GAO in its report titled STREAMLINING GOVERNMENT: Key Practices from Select Efficiency Initiatives Should Be Shared Government-wide.

In 2008, Marianne was selected to serve on the first DHS Presidential Transition Team. She was responsible for helping to educate and prepare the new DHS leadership. Marianne also served as a Program Manager in the Office of the Deputy Administrator, TSA. In this position, she was responsible for developing, designing, and leading the implementation of high complexity and high visibility programs that impact TSA’s management and operations at a national level.
Prior to joining DHS, Marianne worked with BearingPoint, and Booz Allen Hamilton where she led many complex process improvement/reengineering and organizational redesign engagements for diverse Federal clients including U.S. Department of State, U.S. Navy, U.S. Department of Health and Human Services, U.S. Department of Education, U.S. Department of the Treasury, and U.S. Department of Labor.

Marianne regularly advises other federal government agencies on their ERM implementation. She has spoken on ERM at many professional conferences and trainings including AFERM, Association for Military Comptrollers, Association of Government Accountants, Conference Board, and the Potomac Forum. Marianne was interviewed on “Government Matters” television program, WABC7 Washington for her efforts in leading TSA’s ERM program and has presented on ERM webcasts for Gartner and George Washington University. Marianne holds a MA in Political Science from the University of Connecticut and a BA in Government from Franklin and Marshall College.

Dan serves as the Managing Director and CEO at Galvanize, a Diligent Brand. His role includes executive leadership of the company’s strategy, products, underlying technology, and customer service/success.

With more than 18 years in tech, Dan has a unique combination of experience in enterprise software, tech entrepreneurship/growth, and corporate risk management & compliance. His interest is in developing technology that helps companies and governments be better citizens to their employees, communities, suppliers, and the environment while improving return to shareholders.

His (personal) purpose is to “challenge the planet’s organizations to maximize ‘total stakeholder impact’ by operating with a conscience”. Dan is a regular contributor to the Forbes Tech Council, and he has shared his insights and experience in publications like The Wall Street Journal, CFO Magazine, Bloomberg Business, Reuters, The Street, and CNBC. He has also been recognized with “40 under 40" industry leader awards from Ernst & Young, CPA Practice Advisor Magazine, Business in Vancouver, ColoradoBiz Magazine, etc.

Prior to Galvanize, Dan spent most of 10 years in professional services before founding SaaS platform and New York City tech start-up Workpapers.com—the first enterprise “cloud” software for audit and compliance management. The company was later acquired by ACL (now Galvanize), combining the power of cloud collaboration and “big data” analytics into one industry-leading platform and brand.

Galvanize has since become the global leader for GRC software. The Company defined the idea and vision of “data-driven GRC” and is delivering its vision of becoming the operating system for conscious organizations.

Jason Miller has been executive editor of Federal News Network since 2008. Jason directs the news coverage on all federal issues. He has also produced several news series – among them on whistleblower retaliation at the SBA, the overall impact of President Obama’s first term, cross-agency priority goals, shared services and procurement reform.

Modernizing ERM in Federal Agencies

Comments

Featured speakers

Marianne Roth

Dan Zitting

Jason Miller

Fed Photo of the Day

USS Zumwalt holds Change of Command ceremony