Connect with us

Politics

OMB revamping A-123, removing many enterprise risk concepts

Published

3 months ago

on

The Office of Management and Budget is de-emphasizing enterprise risk management at a time when experts say this type of holistic approach is needed the most.

As part of its effort to rewrite Circular A-123, a draft copy of the document, obtained by Federal News Network, shows OMB has removed any mention of enterprise risk management, including section two of the current circular that specifically calls for establishing an ERM program and identifying current and residual risks and how to mitigate those potential or real challenges.

The draft Circular A-123 instead combines certain concepts of ERM back into the sections focused on internal controls and maintains some aspects of this enterprise approach, like the requirement for agencies to name a chief risk officer.

“What we have seen in nearly 10 years of ERM being a part of A-123 is agencies have been able to expand the conversation around risk management, especially around the C-suite table. They are able to talk about the risks that are pertinent to specific organizations that otherwise wouldn’t have been exchanged in these environments,” said Karen Hardy, the president of the Association for Federal Risk Management (AFERM). “The mention and acknowledgement of certain aspects of risk management is important. If not, it’s not top of mind and becomes a second thought.”

Hardy and other experts say it’s more important than ever for agencies to manage risk from all perspectives, operationally, cyber, reputational, financial and strategic, and that it’s embedded across the entire agency.

“ERM provides a way to look across the entire organization and look at different risks that often only get viewed in siloes. If you can look at them holistically and how they would impact the agency, agencies can address the most critical risks to their missions and put in place a method to treat those risks,” said one government official involved in ERM. “By putting risk back into internal controls, it’s an entirely different approach. You look at processes and operations, and you are making sure things are working properly. You are addressing those specific risks, but you are not getting a view from the top.”

Last update was in 2016

The official said OMB’s draft A-123 update pushes ERM backwards to being something that is done in conjunction with internal controls, which usually agencies worry about after they’ve figured out their risks.

“It misses the whole point of using ERM as a means by which agency leadership can understand the most critical risks to their agency. They also can drive better decisions by understanding the bigger picture, and ideally get ahead of something that turns into the crisis,” the official said.

An email to OMB seeking comment on its plans to update A-123 wasn’t returned.

OMB updated A-123 in 2016 to include enterprise risk management concepts. In that update, OMB outlined a flexible framework for how each agency, bureau and component can manage risk. In the update, OMB told agencies to focus more on ERM and less on internal controls to manage risk because internal more prescriptive, while ERM lets managers decide what areas to focus on and address broad-based real or potential risks.

OMB had started another update to A-123 in 2024 to focus on improper payments. But it didn’t complete it before the end of the Biden administration.

Since OMB updated A-123, the use of enterprise risk management has grown significantly across government and has become a standard across the private sector.

The 2024 survey from the Association of Federal Enterprise Risk Management and Guidehouse shows that 85% of all respondents, who came from 48 federal organizations, including 15 cabinet agencies, had a formal ERM program. That is slightly up from 2023. Of those with formal programs, 63% have had a program for at least five years.

“Larger agencies responding they have a formal ERM program are up slightly (86%) from 2023 (83%) but are still below the historical high in 2022 of 92%,” the survey stated.

Source: 2024 survey of federal enterprise risk management by AFERM and Guidehouse.

Source: 2024 survey of federal enterprise risk management by AFERM and Guidehouse.

It’s not just in the public sector where ERM has grown. Experts say this is a leading industry practice, too.

An October 2024 report by American Institute of CPAs (AICPA) & Chartered Institute of Management Accountants (CIMA) and North Carolina State University’s Enterprise Risk Management (ERM) Initiative found 47% of respondent organizations globally appointed a single individual, such as a chief risk officer or equivalent, to lead the risk management function. The survey also found 47% of organizations describe their ERM process as a process that is “mostly” to “extensively” systematic, robust and repeatable with regular reporting of top risk exposures to the board.

Folding ERM into internal controls

OMB is not getting rid of all aspects of ERM.

The draft circular does continue to call on agencies to appoint a chief risk officer, develop a risk management council and creating risk profiles that aggregate different opportunities and threats.

Tom Stanton, a fellow with the National Academy of Public Administration (NAPA) and a former president of AFERM, said getting rid of the word enterprise changes the underlying dynamics of the effort.

“If you just put risk management under internal controls, it’s a top-down effort. But that’s the opposite almost in terms of information flow about risk. ERM information has got to come from the bottom up,” he said. “ERM improves the quality of information to decision makers who need it, particularly now when so many agencies are in turmoil with layoffs and reductions in force. You need to use ERM as a way for information to flow across the agency so people at the top don’t have really bad things happen when they are not expecting it.”

The experts pointed to recent developments at the Federal Aviation Administration and the Social Security Administration where ERM would’ve benefited them.

The government official said ERM could’ve helped the FAA better handle the rash of outages and SSA better understand recent decisions to change the authentication processes.

“Not using ERM is a missed opportunity and not understanding risk when the government is facing more risk than it has in a long time is a problem. It’s not the time not to decrease risk management. Now is the time to shine a brighter light on government risk and what they can do about it,” the official said. “In the times we are in, it’s a bad message to send that ERM isn’t important and to reframe it as part of internal control reviews. They are not elevating it to the level it should be, especially when you look at other sectors, they are doing more to elevate the need for ERM and not de-emphasize it. This is an adopted business process that is being done for a reason.”

Draft focuses on FMFIA, GPRAM

OMB’s decision to change A-123 and remove ERM may be tied to the administration’s goals of only doing things required by statute.

OMB wrote in the introduction to the revised draft circular that it’s authorized by the Federal Managers’ Financial Integrity Act of 1982 and the Government Performance and Results Act (GPRA) Modernization Act of 2010. Neither law specifically calls out the requirement for agencies to use ERM.

At the same time, the experts say OMB seemed to want to rush the rewrite through the process. It initially gave agencies only a week to comment on the draft and extended it another week.

Additionally, the White House didn’t share the draft A-123 far and wide, particularly with agency CROs and others who work in enterprise risk management.

AFERM’s Hardy said while she supports relooking at A-123 to streamline it and make it easier to implement, not keeping specific references to ERM in the document could be problematic.

“If it’s not there, it may not be top of mind, which is why it’s important to include that vocabulary in the guidance so that people can learn from it, practice it because it may not be something that they normally think about. Risk is normally managed in siloes, but having enterprise in there connotates you have to manage it across the enterprise,” Hardy said. “External partners and industries are all practicing it and as we partner with them, they already have an advantage of understanding the positive effect ERM is having on their industry. The government will be at disadvantage if we are not as astute in this practice as they are, and it’s something that is positive and can help with efficiency and effectiveness of the government.”

The post OMB revamping A-123, removing many enterprise risk concepts first appeared on Federal News Network.

Related Topics:
Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Politics

Victor Reacts: This Is Almost Too Stupid to Be True – NYC Transgender Homeless Shelter (VIDEO)

Published

19 hours ago

on

August 9, 2025

By

Democrats continue to somehow subvert the lowest of expectations as they fight their woke crusades.

In a first ever virtue signal, New York City is set to open a transgender only homeless shelter.

The Gateway Pundit reported,

The city of New York is opening the nation’s first transgender-only homeless shelter.

The shelter, a partnership between a local LGBTQ nonprofit and the city government, will cost the city an extraordinary $65 million and will be the first transgender homeless shelter in the nation.

“ We’ve watched so many other corporations and foundations and businesses just like completely turn their back on the community and the city didn’t do it,” said Sean Ebony Coleman, founder and CEO of Destination Tomorrow, the nonprofit that will manage the shelter for the city.

“The city is keeping in line with what New York City has always been, a sanctuary city, a safe haven, but more importantly, a trendsetter when it comes to LGBTQ rights.”

The opening comes amid a broader homelessness crisis in New York City, where more than 100,000 people are estimated to be without stable housing on any given night.

The city’s shelter system is already stretched thin, with demand rising due to a combination of economic hardship, an influx of illegal aliens ,and a severe shortage of affordable housing.

Who cares about all the other homeless people in New York City each night, the transgender homeless come first.

Truth has become stranger than parody. With any luck, Democrats will continue down this path of self destruction that has been so thoroughly rejected by the American people.

The post Victor Reacts: This Is Almost Too Stupid to Be True – NYC Transgender Homeless Shelter (VIDEO) appeared first on The Gateway Pundit.

Continue Reading

Politics

Suspect in Deadly Montana Bar Shooting Captured After a Weeklong Manhunt

Published

19 hours ago

on

August 9, 2025

By

A weeklong manhunt has come to a close with the apprehension of Michael Paul Brown, a 45-year-old Army veteran, following a fatal mass shooting at The Owl Bar in Anaconda.

On August 1, 2025, at approximately 10:30 a.m., Brown entered The Owl Bar, where he lived next door, and opened fire with a rifle, killing four local residents: bartender Nancy Lauretta Kelley (64) and patrons Daniel Edwin Baillie (59), David Allen Leach (70), and Tony Wayne Palm (74).

A multi-agency effort, including state law enforcement, the U.S. Marshals Service, and federal resources, scoured the mountainous terrain surrounding Anaconda. Helicopters, K9 units, and tactical teams were deployed across the region.

A reward of $7,500 to $10,000 was offered for information leading to Brown’s capture.

On Friday, Montana Governor Greg Gianforte confirmed Brown’s arrest via social media, acknowledging the rapid and resolute law enforcement response.

“The Anaconda shooter Michael Brown has been apprehended. Incredible response from law enforcement officers across Montana. Thank you to all partners for your commitment to the search. May God continue to be with the families of the four victims still grieving their loss,” Gianforte.

CNN reported:

Brown had been on the run since the “biggest” shooting in the state of Montana in a decade. He was arrested around 2 p.m. local time Friday near the search area in Anaconda and is now in the custody of Anaconda-Deer Lodge County authorities, according to the Montana Department of Justice.

Brown, an Army veteran, was seen on security footage fleeing The Owl Bar, where the fatal shooting occurred, investigators said. Since then, he had been sought by authorities representing at least 38 local, state and federal agencies traversing challenging terrain in the western Montana wilderness.

“I am proud of the unrelenting law enforcement effort this week to find and arrest Michael Paul Brown. The support we’ve seen for the community of Anaconda from across the state and the nation has also been remarkable,” Montana Attorney General Austin Knudsen said in a statement following the arrest. “The families and friends of the victims remain in my prayers.”

[…]

Brown served as an armor crewman in the US Army from January 2001 to May 2005 and was deployed to Iraq from February 2004 to March 2005, Lt. Col. Ruth Castro, a spokesperson with the US Army, previously told CNN.

Brown’s niece, Clare Boyle, previously told CNN he struggled with his mental health during his time in the Army and was never the same after his service. Brown’s mental health got progressively worse with the passing of both of his parents, Boyle said.

The post Suspect in Deadly Montana Bar Shooting Captured After a Weeklong Manhunt appeared first on The Gateway Pundit.

Continue Reading

Politics

WATCH: Fire Ravages World-Famous Mosque-Cathedral in Cordoba, Spain

Published

19 hours ago

on

August 9, 2025

By

Fire breaks out in the Cathedral of Our Lady of the Assumption in Cordoba.

More than a tourist attraction, more than an architectural treasure, the Mosque-Cathedral in the Andalusian city of Cordoba, Spain is a historical monument and a spiritual center – so, all around the world, both the faithful and the history lovers are mourning as a massive fire consumes the building complex.

Newsweek reported:

“Firefighters are responding to the blaze at the major tourist attraction and UNESCO-listed heritage site in Andalusia. Footage shows thick smoke billowing out from the millennia-old building as flames lapped at its roof.

Firefighters from the city of Córdoba are still battling to extinguish the fire at the Mosque-Cathedral of Córdoba but local reports say the blaze is mostly contained as of 10 p.m. local time. The extent of damage is not yet clear.”

Being simultaneously one of the most significant buildings both in Islamic and in Christian architectural history, it began as a grand mosque in the 8th century and was transformed into a cathedral in 1236.

“The Mosque–Cathedral of Córdoba, officially called the Cathedral of Our Lady of the Assumption, was built as a mosque over 200 years starting 785 CE. The mosque opened in 988 CE, and remained a Muslim site for nearly 300 years before the Christian conquest of Cordoba in 1236 CE.

The structure converted to a cathedral, undergoing additional modifications and building until one final, major addition in 1607 CE.”

Read more, from November 2024:

‘The Virgin of Paris’: Medieval Statue of the Virgin Mary With Baby Jesus, That Survived the 2019 Fire, Is Returned to the Notre Dame Cathedral Ahead of December Grand Reopening

The post WATCH: Fire Ravages World-Famous Mosque-Cathedral in Cordoba, Spain appeared first on The Gateway Pundit.

Continue Reading

Trending