The Office of Management and Budget to release a memo or guidance in the second quarter of 2015 to set governmentwide expectations for how agencies will manage risk. Controller David Mader said lessons from implementing Circulars A-123 and A-11 could be expanded into agency mission areas.
Federal News Radio's annual chief financial officers survey found dealing with budget reductions and workforce challenges continue to be top priorities. At the National Science Foundation, CFO Martha Rubenstein said her office completed what may be the last modernized financial management system done by the private sector.
GAO has released the first major revision since 1999 of the book on management controls. The update maintains the five major components of internal control from past editions, but it adds depth in the form of 17 principles. It is meant for both federal managers and auditors.
Jenny Mattingley hosts a roundtable discussion of the current state of enterprise risk management in the federal government. August 22, 2014
The White House will release details of the President's Management Agenda any day now, and observers expect embracing risk may be an aspect of that strategy. A risk- averse federal government may find that strategy hard to implement. Linda Springer is Executive Director of the Government and Public Sector at Ernst and Young and former Comptroller at the Office of Management and Budget. Dan Blair is President and CEO of the National Academy of Public Administration and former acting OPM Director. Linda explained the concept behind enterprise risk management on In Depth with Francis Rose.
A series of management blunders and agency misbehavior in recent years ranging from the General Services Administration to the Veterans Affairs Department, haven't only put agency leaders in the hot seat — and sometimes out of work. They've also highlighted the importance of better risk-management planning by agencies, current and former federal officials told Federal News Radio as part of a special discussion on risk management.
Beth Ferrell, partner at McKenna Long & Aldridge LLP, will discuss best practices for contractors in a government shutdown environment. October 1, 2013
Joanne Woytek, program manager of the NASA SEWP program joins host Roger Waldron to talk about the contract and the implementation of SEWP 5. June 18, 2013
Joanne Woytek, program manager of the NASA SEWP program joins host Roger Waldron to talk about the contract and the implementation of SEWP 5. May 21, 2013
On this week's Bloomberg Government Capital Impact show, analysts will discuss the mass shooting at an elementary school in Newtown Connecticut. They will also talk about how President Obama plans to respond to the tragedy, and the impact that response will have on the gun lobby. December 20, 2012
The agency developed a playbook to help officials keep their processes and procedures unpredictable. Deputy Administrator John Halinski said TSA is using a risk-management approach to protecting transportation systems. GAO said DHS as a whole is doing a better job using risk to make decisions.
On this week's Bloomberg Government Capital Impact show, analysts will talk about cybersecurity and risk managment. October 18, 2012
The National Institute of Standards and Technology\'s (NIST) recent release of Special Publication 800-37, Revision 1 Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach is an important change in the direction of how federal agencies achieve information security and manage information system-related security risks. It shifts the focus away from a point in time Certification and Accreditation (C&A) approach to compliance towards continually assessing risk and security authorization. As a result, the federal information security community is sending a message to the broader federal community and creating an important discussion: the cyber threat is real and must be addressed in the context of its potential impact on an organization. Cyber security is not as simple as a \"check the box\" requirement. The paradigm shift away from point in time security and towards obtaining situational awareness of the organization\'s risk posture must be as pervasive in the federal government as the cyber threats are against us. Regarding the impact on agency security procedures, the publication is clear on the focus of its new framework, stating: The revised process emphasizes: (i) building information security capabilities into federal information systems through the application of state-of-the-practice management, operational, and technical security controls; (ii) maintaining awareness of the security state of information systems on an ongoing basis through enhanced monitoring processes; and (iii) providing essential information to senior leaders to facilitate decisions regarding the acceptance of risk to organizational operations and assets, individuals, other organizations, and the Nation arising from the operation and use of information systems. This new Risk Management Framework builds much needed flexibility into the overall federal information security lifecycle to address the increasing nature and scope of threats in real-time, providing a number of key advantages that include: Continually evaluating the organization\'s risk posture and maintaining situational awareness of its cyber security posture Understanding the state and maturity of an agency\'s cyber security program Evaluating cyber security programs at key vulnerability points: people, processes, and technology Maintaining a focus on the security program lifecycle Addressing the key functions (governance, risk, management, compliance, operations) of a security program Perhaps most importantly, agency security programs will be better positioned to evolve and mature - an absolute necessity for staying ahead of the growing and dynamic threat to our Nation\'s cyber security.
Lawmakers question TSA, NPPD on 2010 budget proposals. Rep. Jackson-Lee says NPPD may need to be reorganized.