US federal government departments and agencies are on a tight timeline to start using enterprise risk management (ERM) processes for assessing the risks they face, and then working out how to deal with them. This creates three new challenges for senior civil servants.
First they have they have had to create an “initial risk profile” for their organization, which involves identifying the most urgent and disruptive risks. Agencies have then used that as a key input into their strategic planning activities, and this means that they must now incorporate ERM into strategic and operational decisions for the first time.
Second, President Trump’s administration, with its increased emphasis on private sector experience, brings a different perspective to government. As this trend cascades to lower levels, agencies will also need to bridge this language gap with their new stakeholders to explain how ERM differs in the government context.
And then there’s the budget. The administration released its preliminary budget proposal (pdf) on March 16, embracing a “do more with less” approach through significant cuts for many federal agencies. As agencies contend with the prospect of increased resource constraints, it’s critical for them to prioritize their key initiatives and make informed tradeoffs. The best place to start with all this work is “strategic risks.”
Your Biggest Priority: Strategic Risks
A large majority (86%) of what has caused Fortune 500 companies to decline are managers’ bad strategic decisions (such as choosing to invest in the wrong product line, or failing to develop the next generation of senior managers) rather than outside influences (such as regulatory change), according to in-depth CEB research.
Obviously, this kind of decline looks starkly different in government. Federal agencies don’t contend with falling stock prices or the prospect of going out of business, but strategic risks threaten their ability to execute their mission and provide services to citizens. They could also lead to a range of anegative consequences – such as unfavorable media coverage or being called to testify in front of Congress.
Use ERM to Manage Strategic Risks
The best way for agencies to address strategic risks and then design a strategy that fortifies their organization against them is to use ERM. There are three reasons for this.
It helps inform and define strategic objectives: ERM introduces a common language or taxonomy by which to identify and categorize underlying risks. This then helps managers understand what tradeoffs they need to make when selecting attainable strategic objectives.
One ERM team in CEB’s networks tackled this challenge by interviewing business leaders to identify what they saw as the biggest risks to the organization achieving its strategic objectives. The answers were then aggregated and analyzed to create an independent view of different enterprise risks. The ERM team also created a risk tolerance frontier process, which showed how tolerant senior managers were of certain risks, based on their answers. This allowed the ERM team to help leadership make informed risk tradeoffs.
It helps agencies execute these strategic objectives: Once agencies have defined their strategic objectives, ERM can help them mitigate risks that threaten the achievement of those objectives.
Using key risk indicators (KRIs) that are linked to strategic outcomes helps track risks during the implementation of a strategy. By creating risk responses that are activated when KRIs cross risk thresholds, agencies can also quickly and efficiently mitigate risks.
It facilitates communication: In a time where many new leaders are entering government, clear and concise communication is critical. ERM reporting can serve as a powerful tool for educating new political leadership on top risks and how to prioritize initiatives.
To do this, create reporting that gives senior leaders a broad perspective, promotes flexibility, and values speed over quality and depth.