Agencies Get a New Playbook for Managing Risks

The guidelines, which are being circulated by GSA and the Partnership for Public Service, provide an action plan for complying with the updated Circular A-123.

The General Services Administration, in cooperation with the nonprofit Partnership for Public Service, on Friday launched a new “playbook” for enterprise risk management that aims to improve decision-making and planning across government.

The “Playbook: Enterprise Risk Management (ERM)” is the action plan for complying with the Office of Management and Budget’s recent update of Circular A-123.

Bylined by the Chief Financial Officers Council and the OMB-led interagency Performance Improvement Council, the playbook “was developed as part of an interagency effort convened by the Office of Executive Councils to bring together risk practitioners and cross-functional representatives from more than 20 federal agencies to gather, define, and illustrate practices in applying ERM in the federal context,” GSA said in a release.

Employees at all levels should find the booklet useful, the authors contend. “An agency-wide ERM program should enhance the decision-making processes involved in agency planning including strategic and tactical planning, human capital planning, capital investment planning, program management and budget formulation,” the playbook says. “It should build on the individual agency’s risk management activities already underway and encompass all of the agency’s operations.”

GSA stressed that the playbook will help agencies “make better decisions based on a more holistic view of risks and their interdependencies,” while “formalizing the great work already undertaken by many other agencies in this area.”

Todd Grams, managing director at Deloitte Advisory and a leader in promoting the discipline, told Government Executive, “OMB’s revisions to A-123 is a fundamental shift for the government from internal controls to enterprise risk management. ERM is a two-sided coin: While there are risks that threaten mission, there are also intelligent risks to help mission achievement—an important perspective for government leaders to have.”

Grams, a former chief financial officer of the Veterans Affairs Department who has also worked at OMB, the Census Bureau and the Internal Revenue Service, added, “Throughout the government, agencies are already doing risk management but it’s being done in silos. The playbook gives agencies a framework to elevate risk management to the enterprise level and bring greater consistency and also to integrate it across an agency.”

He stressed that “ERM is not a ‘gotcha’ or oversight exercise. Part of ERM is about building a culture of raising risks and addressing them before those risks become a crisis.”