In this GAO Report to the Committee on Oversight and Government Reform, House of Representatives, December 2016, they look at Enterprise Risk Management.
Why GAO Did This Study:
Federal leaders are responsible for managing complex and risky missions. ERM is a way to assist agencies with managing risk across the organization. In July 2016, the Office of Management and Budget (OMB) issued an updated circular requiring federal agencies to implement ERM to ensure federal managers are effectively managing risks that could affect the achievement of agency strategic objectives.
GAO’s objectives were to (1) update its risk management framework to more fully include evolving requirements and essential elements for federal enterprise risk management, and (2) identify good practices that selected agencies have taken that illustrate those essential elements.
GAO reviewed literature to identify good ERM practices that generally aligned with the essential elements and validated these with subject matter specialists.
GAO also interviewed officials representing the 24 Chief Financial Officer (CFO) Act agencies about ERM activities and reviewed documentation where available to corroborate officials’ statements. GAO studied agencies’ practices using ERM and selected examples that best illustrated the essential elements and good practices of ERM.
GAO provided a draft of this report to OMB and the 24 CFO Act agencies for review and comment. OMB generally agreed with the report. Of the CFO act agencies, 12 provided technical comments, which GAO included as appropriate; the others did not provide any comments.