Risk & Crisis Management
It's More Than Compliance
The ability to manage financial, technology and organizational risk well is essential. Policy makers, government employees and the general public expect nothing less. Today's definition of risk management should also include a clear link to performance. But the fact remains, compliance with regulations and standards can be time consuming and costly. Today's governance, risk and compliance management strategies must seek to lower the cost of compliance while ensuring alignment with your most pressing performance objectives and agency goals. And in a time of increased security risks, emergency preparedness must be a fundamental part of risk management.
Today's Challenges:
Identify and manage enterprise risk. Develop a clear understanding of risk and link it to performance. [More +]
What is the challenge: Although formal risk management initiatives are not a requirement in the federal space, agency leaders are embracing risk management principles, many of which come from the commercial sector. Risk management efforts can mitigate exposure to financial, strategic, operations and compliance issues and give program leaders the information needed to make better decisions related to performance. Risk management strategies require collaboration among a wider group of stakeholders in order to avoid duplicative efforts, identify risks faster, and to better align efforts with performance expectations.
Related Services:
• Enterprise Risk Management
• IT Audit and Technology Risk
• Continuity of Operations Planning
• IT Strategy and Enterprise Architecture
Ensure continuity of operations. The ability to sustain the core functions of government is critical to maintaining citizens' confidence. [More +]
What is the challenge: Whether the disruption is a power outage, IT failure or national incident, sustaining the core functions of government is crucial. The development of continuity plans must cover the core business functions and services required to meet the needs of your customers - the U.S. citizens. However, adequate preparation is a significant investment of time and resources. Given the unpredictable nature of most disruptions it is important to identify a wide range of scenarios and to develop appropriate response plans. Taking into account location, critical functions, and necessary recovery time, you must have the ability to recover and sustain operations related to essential public services and interagency coordination when faced with major disruptions or emergencies.
Related Services:
• Enterprise Risk Management
• IT Audit and Technology Risk
• Continuity of Operations Planning
• IT Strategy and Enterprise Architecture
Rapid response to compliance breakdowns. Unfortunately fraud happens in government. Prevention and rapid response are required. [More +]
What is the challenge: The fact is fraud, waste and abuse, and other compliance breakdowns happen in government just as they do in other sectors. Compliance failures due to mismanagement, fraud, poor planning or ineffective controls can have significant implications including reputational damage, pulled funding and other consequences. This requires the ability to quickly gather facts, engage key parties, perform analysis and defend allegations. Rapid response can require subject matter expertise in forensic accounting, financial reporting, Governance Risk and Compliance, IT and other areas.
Related Services:
• Enterprise Risk Management
• IT Audit and Technology Risk
Protect critical and sensitive data. Security threats are growing from internal and external sources. [More +]
What is the challenge: The risk of data breach from malicious and unintentional threats must be recognized and managed. System configuration errors, unintended disclosure from thumb-drive data transfer, and even accidental posting to public websites are all culprits. To reduce the likelihood of compromise for critical information, sensitive data must be identified, located, tracked, catalogued, and assessed in a systematic and ongoing process. Program managers must be aware of requirements and standards. These can include guidance from the Organization for Economic Co-operation and Development (OECD), Fair Information Practices, Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), Children Online Privacy Protection Act (COPPA), the U.S. Computer Fraud and Abuse Act, the Patriot Act, and the EU Data Protection Directive, to name a few. Suffice it to say, acomprehensive data security, privacy and confidentiality plan is required in the government sector as much as the private sector. Networks and infrastructure also need to be designed and managed with data privacy goals in mind.
Related Services:
• Enterprise Risk Management
• IT Audit and Technology Risk
• Advanced and Converged Networks
• Infrastructure Design and Installation
• Virtualization and Green IT
• IT Strategy and Enterprise Architecture
Emergency preparedness, management and response. It's about more than interoperable communications. [More +]
What is the challenge: Today's state, local and federal emergency managers need integrated emergency management and response strategies and plans. Federal, state and local authorities must be able to work together, and work together quickly, to preserve life, ensure continuity of operations and protect critical infrastructure when faced with an emergency or national crisis. But there are challenges. Competing budget priorities, cumbersome grant processes, inter-governmental coordination roadblocks and a legacy of stovepipe systems make it hard to achieve optimal preparedness. Other challenges include limitations of public communications infrastructure, technical hurdles to accessing vital data (voice, data, video) from disparate systems at the scene, outdated standard operating procedures and insufficient training.
Related Services:
• Continuity of Operations Planning
• Advanced and Converged Networks
• Infrastructure Design and Installation
• Mobile and Transportable Communications
