Nicole Puri, a director of Grant Thornton's public sector practice, has said that agencies should develop insights, identify opportunities for improvement and implement a governance structure to address enterprise risk management goals.
She wrote in a commentary published Monday on Federal News Network that in order to comply with the Office of Management and Budget's ERM directive, agencies need to use data analytics and conduct risk assessment meetings to develop agency strategies, direct research efforts and establish long-term service and performance goals.
She also urged agencies to evaluate information technology spending and improve governance to incorporate accountability and incentive-based collaboration while tailoring operations to agency needs and culture.
“One approach may not work for every agency, but options to consider include a methodology that rates modernization and maintenance IT funding priorities by risk to mission, a historical analysis and future projection of IT cost trends, or risk appetite and tolerance limits to automatically prompt risk actions,“ she said.
Puri previously worked as a risk management official at the Department of Housing and Urban Development and Pension Benefit Guaranty Corp.