Times Are Changing: Risk Identification and Effective Management | Deloitte US has been added to your bookmarks.
Times are changing
Risk identification and effective management
The rise of cyber-attacks. Evolving terrorist threats. Human capital challenges. Managing enterprise level risks is an increasingly urgent imperative for Federal agencies.
The risk intelligent model
How do federal organizations bridge the gap between timely identification of emerging risks and effectively responding to them so as to avoid operational disruption? Those hoping to capitalize on the advantages of change while preventing or mitigating threats should become active managers of many types of risk, particularly those that can truly impact an organization’s ability to fulfill its mission. To do this, federal agencies need to anticipate future threats to the core mission and related support activities. They should also have defined and repeatable processes in place to actively assist leadership with anticipating, identifying, and managing risks, as opposed to waiting to respond to risks once they occur.
Managing risk in uncoordinated and isolated silos can lead to blind spots and unanticipated events that put the federal agency in a vulnerable position with congressional oversight bodies and program stakeholders. Not knowing about a risk or threat does not relieve leadership of their primary accountability for managing it.
Managing risk at the enterprise level takes on increasing urgency as federal agencies come to grips with a growing list of emerging threats:
- The rise of cyber-attacks. The 2014 Quadrennial Homeland Security Review found that “growing cyber threats are signiﬁcantly increasing risks to critical infrastructure, to the greater US economy, and imperiling the information security of the federal government and private sector.”1 And, as Admiral Michael S. Rogers testiﬁed before the Senate Armed Services Committee earlier this year: “Unfriendly states, organized criminals, and even unafﬁliated cyber actors are stealing American intellectual property and using cyber means for coercion.”
- Evolving terrorist threats. The Homeland Security Review pointed to the difﬁculties in threat preparation: “Terrorist threats are evolving and, while changing in shape, remain signiﬁcant as attack planning and operations become more decentralized.”
- Human capital challenges. Federal agencies also face risk from the inside. Increasing human capital challenges are driven by workforce turnover, difﬁculty in recruiting and retaining top talent, and enforcing standards for the conduct of personnel. These developments imperil the ability of many federal agencies to effectively execute their missions and protect the integrity of their reputation.